0cd958696190b3a00c31499e74aef737

Sharing

Copy URL

Twitter E-mail

General

Target

0cd958696190b3a00c31499e74aef737
Size

604KB
MD5

0cd958696190b3a00c31499e74aef737
SHA1

90adc8db573213877821e6571f27e060007080f2
SHA256

e328d30b9f39ae3ad673d39e5a82ce59e711e1b6ce29e3775d242eb3026a99de
SHA512

51f1f2b6ca01395379380e8b9096ac877a8ff9b26652ffcd4348207ca2e8f643486291a2c6827c40755b069b3bcb52a86958011151c1f77ac57698d5471f771a
SSDEEP

12288:O6LieoKSmkv+zk1oZeP76NVNM9GiZXHFjGqVd:MeoakWzk1V7CS9Gi5JGqVd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cd958696190b3a00c31499e74aef737

Files

0cd958696190b3a00c31499e74aef737
.exe windows:4 windows x86 arch:x86

f114dcdf4c4da7b3b207e8fefb1a5c27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateStatusWindow
ImageList_Destroy
DrawStatusText
ImageList_SetFilter
ImageList_LoadImageA
ImageList_GetImageCount
ImageList_Create
GetEffectiveClientRect
ImageList_Merge
InitCommonControlsEx
ImageList_Add
ImageList_DragEnter
ImageList_Copy
ImageList_SetOverlayImage
ImageList_SetBkColor
ImageList_EndDrag
ImageList_AddMasked
DrawStatusTextA
ImageList_SetImageCount
ImageList_Remove
ImageList_Write
CreatePropertySheetPageA

kernel32

GetEnvironmentStrings
GetStringTypeA
InterlockedIncrement
GetCurrentProcessId
SetHandleCount
IsValidCodePage
VirtualQuery
GetProcAddress
QueryPerformanceCounter
CompareStringA
CommConfigDialogA
GetStartupInfoA
GetModuleFileNameA
IsDebuggerPresent
UnhandledExceptionFilter
GetCommandLineA
OpenMutexA
MultiByteToWideChar
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
SetLastError
TlsFree
FreeLibrary
ReadConsoleInputW
InterlockedDecrement
WideCharToMultiByte
VirtualAlloc
ExitProcess
GetUserDefaultLCID
GetWindowsDirectoryW
GetOEMCP
FillConsoleOutputCharacterW
GetProcessHeap
LCMapStringA
GetStringTypeW
LoadLibraryW
GetCurrentThreadId
GetTimeZoneInformation
TlsAlloc
DeleteCriticalSection
CreateNamedPipeW
EnumSystemLocalesA
SetEnvironmentVariableA
VirtualFree
TlsGetValue
Sleep
CreateMutexA
CompareStringW
GetLocaleInfoA
CreateFileA
WriteConsoleA
FlushFileBuffers
HeapSize
GetConsoleOutputCP
TerminateProcess
GetExitCodeProcess
GetTimeFormatA
FreeEnvironmentStringsW
SetConsoleCtrlHandler
GetCPInfo
GetCurrentProcess
HeapCreate
HeapFree
GetCurrentThread
TlsSetValue
WriteConsoleW
GetDateFormatA
HeapReAlloc
SetVolumeLabelW
GetEnvironmentStringsW
GetFileType
GetPriorityClass
SetStdHandle
GetTickCount
GetVersionExA
SetFilePointer
ReadFile
HeapAlloc
EnterCriticalSection
LoadLibraryA
CloseHandle
LCMapStringW
GetConsoleMode
RtlUnwind
LeaveCriticalSection
InterlockedExchange
GetSystemTimeAsFileTime
GetACP
GetStdHandle
HeapDestroy
WriteFile
SetCurrentDirectoryW
SetEvent
GetModuleHandleA
GetLocaleInfoW
GetConsoleCP
InitializeCriticalSection
GetLastError
IsValidLocale

wininet

DeleteUrlCacheContainerW
InternetGetConnectedStateEx
RegisterUrlCacheNotification
IsUrlCacheEntryExpiredA
InternetDialA
UnlockUrlCacheEntryFileA
FtpPutFileA

user32

MessageBoxW
SetWindowWord
ShowWindow
IsIconic
AdjustWindowRectEx
InsertMenuW
GetClipboardOwner
PostQuitMessage
RegisterClassA
WINNLSEnableIME
EnumDisplaySettingsExW
MessageBoxIndirectW
SetMenuItemBitmaps
GetClipboardSequenceNumber
CharPrevW
FindWindowW
LoadKeyboardLayoutA
GetClipboardData
GetClassNameA
SetCursor
SetUserObjectInformationA
GetParent
MessageBoxIndirectA
RegisterClassExA
DestroyWindow
LoadBitmapW
CreateCaret
UnregisterDeviceNotification
GetDC
GetWindowDC
GetMenuBarInfo
CreateWindowExA
DdeCreateDataHandle
GetWindowRgn
IsCharLowerA
OemKeyScan
CreateMenu
DdeUninitialize
DefWindowProcW
CascadeChildWindows
CreateDialogIndirectParamW
SendNotifyMessageA
GetFocus
DrawTextExA
GetUserObjectInformationA
DlgDirListA
IsRectEmpty
GetMenuInfo
CharLowerBuffA

shell32

ShellHookProc
ExtractIconExW
SHFormatDrive
RealShellExecuteExA

advapi32

CryptContextAddRef
InitiateSystemShutdownW
CryptVerifySignatureW
RegRestoreKeyW
RegOpenKeyW
CryptSetProviderA
CryptGetUserKey
RegFlushKey
LookupAccountNameW
LookupAccountNameA
RegCloseKey
RegOpenKeyA

gdi32

EndPath
SetTextColor
ExtSelectClipRgn
SetMagicColors
FillPath
RemoveFontResourceA
CreateDCW
PathToRegion
DeleteObject
SetTextCharacterExtra
SelectClipPath
RestoreDC
CreateCompatibleDC
GetRegionData
SetArcDirection
PatBlt
DeleteDC
CreateCompatibleBitmap
SetPaletteEntries
GetTextExtentPointA
SelectObject
LPtoDP
SetTextAlign
GetDeviceCaps
GetObjectA
CreatePolyPolygonRgn
SetStretchBltMode

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f114dcdf4c4da7b3b207e8fefb1a5c27

Headers

File Characteristics

Imports

comctl32

kernel32

wininet

user32

shell32

advapi32

gdi32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 116KB - Virtual size: 136KB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 116KB - Virtual size: 136KB

.rsrc
Size: 44KB - Virtual size: 40KB