0c311e38069375483ad826047c6b90c3

Sharing

Copy URL Twitter E-mail

General

Target

0c311e38069375483ad826047c6b90c3
Size

656KB
MD5

0c311e38069375483ad826047c6b90c3
SHA1

0216edcfef0c8557cbcac8903cfb4bf4348a154e
SHA256

a391630fcb2c9b6afe28c1aa24626981555f8df5768fb7537e0727307f5fe6a8
SHA512

633c0f960be0d836516f85742f56acd30a645cf6eecd43c036060dd703808cc43e32f70c1d627109324970ca86152131206d362762c6c27afc35cd990795c2f7
SSDEEP

12288:viF15QvlgikP5VOAY/9T3ktMS3H3dIPnfRC5wCkbOWmW0:af5QvlgzPe9T8MS33CPYyCKOw0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c311e38069375483ad826047c6b90c3

Files

0c311e38069375483ad826047c6b90c3
.exe windows:4 windows x86 arch:x86

ed32e4f6862585529d60b82720abf29f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindFirstUrlCacheEntryA
InternetTimeToSystemTimeW
ShowCertificate
InternetOpenUrlA

kernel32

SetVolumeLabelA
SetFileAttributesA
GetUserDefaultLCID
TlsAlloc
IsBadWritePtr
IsBadReadPtr
GetVersionExA
InterlockedExchange
LocalReAlloc
TlsFree
LocalFlags
GetModuleFileNameA
InitializeCriticalSection
FreeEnvironmentStringsW
VirtualProtect
CompareStringW
VirtualQuery
LCMapStringA
GetLocaleInfoA
InterlockedCompareExchange
CloseHandle
GetCurrentThread
SetConsoleTitleA
EnterCriticalSection
GetExitCodeProcess
TerminateProcess
GetTickCount
GetModuleHandleA
SetCurrentDirectoryA
SetLastError
DebugBreak
GetStringTypeW
ExitProcess
VirtualAlloc
lstrcmpiW
SetConsoleCtrlHandler
TlsGetValue
EnumSystemCodePagesW
LCMapStringW
UnhandledExceptionFilter
SetFilePointer
VirtualFree
GetTimeFormatA
GetStdHandle
GetLastError
GetCurrentThreadId
WideCharToMultiByte
DeleteCriticalSection
TlsSetValue
OutputDebugStringA
GetProcAddress
HeapReAlloc
GetEnvironmentStrings
GetDateFormatA
SetUnhandledExceptionFilter
InterlockedDecrement
GetConsoleCP
InterlockedIncrement
HeapValidate
GetCurrentProcess
WriteFile
GetTimeZoneInformation
GetFileType
HeapCreate
CreateEventW
GetSystemTimeAsFileTime
GetStartupInfoA
GetSystemInfo
EnumSystemLocalesA
GetCommandLineA
FlushFileBuffers
WaitForMultipleObjects
SetEnvironmentVariableA
LeaveCriticalSection
GetCPInfo
GetACP
HeapDestroy
GetStringTypeA
GetOEMCP
GetFileSize
HeapFree
FreeEnvironmentStringsA
CreateMutexA
OpenMutexA
SetStdHandle
GetNamedPipeInfo
CompareStringA
IsValidLocale
SetConsoleActiveScreenBuffer
MultiByteToWideChar
ExpandEnvironmentStringsA
IsValidCodePage
HeapAlloc
GetCurrentProcessId
GetLocaleInfoW
ReadFile
GetEnvironmentStringsW
QueryPerformanceCounter
LoadLibraryA
RtlUnwind
SetHandleCount

shell32

DragAcceptFiles

comctl32

ImageList_Create
_TrackMouseEvent
ImageList_SetOverlayImage
ImageList_GetFlags
ImageList_GetBkColor
ImageList_DrawEx
GetEffectiveClientRect
ImageList_Draw
ImageList_SetFlags
ImageList_Add
ImageList_Destroy
ImageList_SetIconSize
ImageList_Write
ImageList_DrawIndirect
ImageList_Duplicate
InitCommonControlsEx
ImageList_SetFilter
ImageList_GetImageRect
MakeDragList
CreateUpDownControl
CreatePropertySheetPage
DrawStatusTextA
CreateStatusWindow
ImageList_SetDragCursorImage

comdlg32

GetOpenFileNameW
PrintDlgW

user32

CallMsgFilterA
ChangeDisplaySettingsW
DestroyWindow
MessageBoxW
MenuItemFromPoint
LoadAcceleratorsW
CharUpperBuffW
DefWindowProcW
GetDlgItemTextW
IsCharAlphaW
DragDetect
GetUpdateRgn
DefMDIChildProcW
UnionRect
GetPropW
InSendMessageEx
DdeSetUserHandle
UnregisterClassW
GetMenuCheckMarkDimensions
RegisterClassExA
FreeDDElParam
ShowWindow
LockWindowUpdate
GetUpdateRect
SetMessageExtraInfo
SetMenu
LoadKeyboardLayoutW
SetUserObjectInformationA
WaitForInputIdle
GetClassLongW
RegisterClassA
IsRectEmpty
SetClipboardData
SetWindowsHookW
SubtractRect
ChangeDisplaySettingsA
ScreenToClient
SetWindowRgn
CopyImage
SetMenuItemInfoA
GetWindowModuleFileNameW
CountClipboardFormats
GetClientRect
GetClassInfoExA
ValidateRect
LoadCursorW
IsDlgButtonChecked
CharNextA
GetClassLongA
CreateWindowExW
BringWindowToTop
ValidateRgn
ChangeDisplaySettingsExW
ShowWindowAsync
CheckMenuItem
DdePostAdvise
GetSubMenu
CascadeWindows
ShowOwnedPopups
ChangeMenuW
ClipCursor
AppendMenuA
EndDeferWindowPos

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed32e4f6862585529d60b82720abf29f

Headers

File Characteristics

Imports

wininet

kernel32

shell32

comctl32

comdlg32

user32

Sections

.text Size: 224KB - Virtual size: 223KB

.rdata Size: 264KB - Virtual size: 260KB

.data Size: 112KB - Virtual size: 138KB

.rsrc Size: 52KB - Virtual size: 48KB

.text
Size: 224KB - Virtual size: 223KB

.rdata
Size: 264KB - Virtual size: 260KB

.data
Size: 112KB - Virtual size: 138KB

.rsrc
Size: 52KB - Virtual size: 48KB