0cf6411721bf9d091f59185092fa2f2a

Sharing

Copy URL Twitter E-mail

General

Target

0cf6411721bf9d091f59185092fa2f2a
Size

708KB
MD5

0cf6411721bf9d091f59185092fa2f2a
SHA1

dac0622c0f6faef0238e0f58080234f5dd5cf725
SHA256

f63bfde252944462e81201515d811ce9e3f460d58ab5a0a6b4c99716f29d0370
SHA512

a80cc0203b96f0b1ade4fde7a060c85f0ef1b60e52b60c658b9b6febae0e44a8f489e1c2f6395aaf78281b36d9c6dc3bf4f2714872f9e9b69059715f2a2b47b0
SSDEEP

12288:JzVh0U9dOlVtilan7HgcMoGpqYR6Fd3dFn5jy6E2Cwt5ifZ06YM5bXOUF9Qu:J5h0UGl3ilan7HgcMoXFd3dp5GEtMScH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cf6411721bf9d091f59185092fa2f2a

Files

0cf6411721bf9d091f59185092fa2f2a
.exe windows:4 windows x86 arch:x86

2c61a4b68b63efdea0a48136cbfc5a8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheEntryW
InternetDialA
InternetSetDialStateA
FindFirstUrlCacheEntryW
IsUrlCacheEntryExpiredA
DeleteUrlCacheEntryA

gdi32

ChoosePixelFormat
EnableEUDC
CreateCompatibleBitmap
StartDocA
SetPolyFillMode
PatBlt
RestoreDC
CopyEnhMetaFileW
CopyMetaFileA
SetLayout
SelectClipRgn
GdiPlayDCScript
CreatePen

user32

RegisterClassExA
InvertRect
SetUserObjectInformationW
GetTabbedTextExtentA
CharPrevExA
RegisterClassA
TrackMouseEvent
GetKeyNameTextA
ChildWindowFromPoint
wsprintfA
ValidateRect
GrayStringW
BroadcastSystemMessageA
CharToOemBuffA
CreateCursor
GetPropA
ShowCursor
GetScrollRange
EnumWindows
SetParent

kernel32

GetEnvironmentStrings
TlsAlloc
DebugActiveProcess
GetVersionExA
VirtualUnlock
IsBadWritePtr
SetFilePointer
GetTimeFormatA
HeapFree
SetLastError
WriteConsoleOutputAttribute
FlushFileBuffers
LoadLibraryA
VirtualFree
EnumResourceNamesW
EnumCalendarInfoExA
GetCPInfo
LocalFileTimeToFileTime
CompareStringA
VirtualQuery
UnhandledExceptionFilter
CreateMutexA
EnumSystemLocalesA
ReadFile
GetProcAddress
QueryPerformanceCounter
IsValidCodePage
GetStartupInfoW
GetTempPathA
GetCurrentThread
GetModuleFileNameW
LCMapStringA
GetCurrentProcess
HeapSize
TlsSetValue
MultiByteToWideChar
GetLastError
ExitProcess
GetModuleHandleA
EnterCriticalSection
HeapCreate
GetDateFormatA
WriteFile
GetSystemTimeAsFileTime
GetTimeZoneInformation
WideCharToMultiByte
GetCurrencyFormatW
CompareStringW
GetModuleFileNameA
GetUserDefaultLCID
GetLocaleInfoA
LeaveCriticalSection
GetEnvironmentStringsW
TerminateProcess
GetCurrentThreadId
GetTickCount
GetStringTypeW
HeapAlloc
GetStartupInfoA
VirtualAlloc
FreeEnvironmentStringsW
GetStdHandle
SetHandleCount
GetFileType
RtlUnwind
LCMapStringW
HeapReAlloc
HeapDestroy
DeleteCriticalSection
VirtualProtect
GetCommandLineA
GetACP
SetStdHandle
GetCurrentProcessId
InterlockedExchange
FreeEnvironmentStringsA
GetOEMCP
OpenMutexA
InitializeCriticalSection
CloseHandle
OpenProcess
GetTempFileNameW
ConnectNamedPipe
TlsGetValue
TlsFree
GetSystemInfo
GetLocaleInfoW
WriteConsoleOutputW
IsValidLocale
GetCommandLineW
SetEnvironmentVariableA
GetStringTypeA

comctl32

InitCommonControlsEx

Sections

.text
Size: 369KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c61a4b68b63efdea0a48136cbfc5a8a

Headers

File Characteristics

Imports

wininet

gdi32

user32

kernel32

comctl32

Sections

.text Size: 369KB - Virtual size: 368KB

.rdata Size: 8KB - Virtual size: 37KB

.data Size: 321KB - Virtual size: 320KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 369KB - Virtual size: 368KB

.rdata
Size: 8KB - Virtual size: 37KB

.data
Size: 321KB - Virtual size: 320KB

.rsrc
Size: 8KB - Virtual size: 8KB