0c2b0c5ca1086d5c4b4606adc24c2911

Sharing

Copy URL Twitter E-mail

General

Target

0c2b0c5ca1086d5c4b4606adc24c2911
Size

513KB
MD5

0c2b0c5ca1086d5c4b4606adc24c2911
SHA1

4ccb34e06b3d3b6b2411c342d39c46dc6686aac2
SHA256

9bf186288abe2a63c5a538919076993184732217fee90c4541eb03408a9b0f35
SHA512

1dca8dfaaeae583a3cb495d874be06154ed3eb2edd1c7d7f95506350e6b75968c6a3e38c8a5271ef60a58fbf8c9fd2a298517e47e14cc6ee65dac685064a36db
SSDEEP

12288:jd8vPDGj2+MWKpb3gh0YronPY7Pqq3QWuN4:jmPSj2+MWKZgh0Y8dqAWuu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c2b0c5ca1086d5c4b4606adc24c2911

Files

0c2b0c5ca1086d5c4b4606adc24c2911
.exe windows:4 windows x86 arch:x86

9250058ddd03749efb4c6c588d22cd9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalSize
QueryPerformanceCounter
CreateSemaphoreA
GetCPInfo
FreeLibrary
SetEnvironmentVariableA
GetStartupInfoA
SetHandleCount
GetProcAddress
CreateFileA
FreeEnvironmentStringsW
EnumSystemLocalesA
GetDateFormatW
HeapAlloc
Sleep
UnhandledExceptionFilter
DeleteCriticalSection
GetModuleFileNameA
LCMapStringW
WriteFile
GetOEMCP
GetLastError
IsValidLocale
GetStartupInfoW
FindNextFileA
SetFilePointer
HeapReAlloc
GetDateFormatA
SetThreadAffinityMask
GetCurrentProcessId
InterlockedIncrement
LCMapStringA
CompareStringW
GetCommandLineW
GetLocaleInfoW
CreateMutexW
WriteConsoleA
GetUserDefaultLCID
LoadLibraryA
GetLocaleInfoA
GetCurrentProcess
WriteConsoleW
GetStdHandle
LeaveCriticalSection
SetThreadLocale
GetCurrentThreadId
GetStringTypeA
CreateMutexA
ResumeThread
GetConsoleMode
GetACP
GetProcessAffinityMask
CloseHandle
TlsGetValue
SetStdHandle
FlushFileBuffers
GetModuleFileNameW
InterlockedDecrement
SetLastError
GetModuleHandleW
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetTimeZoneInformation
IsDebuggerPresent
GetCommandLineA
IsValidCodePage
GetFileType
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
HeapSize
EnterCriticalSection
TlsAlloc
TerminateProcess
HeapCreate
GetStringTypeW
HeapDestroy
OpenMutexA
WideCharToMultiByte
RtlUnwind
WriteFileEx
VirtualQuery
ReadFile
CompareStringA
TlsFree
WriteConsoleOutputA
GetConsoleOutputCP
GetCurrentThread
SetUnhandledExceptionFilter
InterlockedExchange
ExitProcess
OpenFile
VirtualAlloc
GetTimeFormatA
GetConsoleCP
HeapFree
GetTickCount
GetEnvironmentStringsW
VirtualFree
TlsSetValue

comdlg32

ChooseColorW
ReplaceTextA
FindTextA
GetOpenFileNameW

user32

GetScrollRange
AttachThreadInput
IsCharLowerA
RegisterClassExA
RegisterClassA

comctl32

InitCommonControlsEx

advapi32

CryptDestroyHash
LogonUserA
CryptSignHashA
LookupPrivilegeNameW
CryptContextAddRef
RegOpenKeyA
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegSaveKeyW

wininet

HttpAddRequestHeadersA
InternetOpenW
InternetFortezzaCommand
InternetWriteFileExA
InternetHangUp
FtpDeleteFileA
CommitUrlCacheEntryA
InternetTimeToSystemTimeW

gdi32

SetRectRgn
GdiFlush
StartDocW
EnumFontFamiliesExW
AnimatePalette
GetNearestPaletteIndex
CreateDCW
FillPath
RealizePalette
WidenPath
GetBitmapDimensionEx
SetPixel

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9250058ddd03749efb4c6c588d22cd9b

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

comctl32

advapi32

wininet

gdi32

Sections

.text Size: 175KB - Virtual size: 175KB

.rdata Size: 10KB - Virtual size: 19KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 175KB - Virtual size: 175KB

.rdata
Size: 10KB - Virtual size: 19KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 11KB - Virtual size: 10KB