0d8848d5657cce5a79e459f06b016234

Sharing

Copy URL

Twitter E-mail

General

Target

0d8848d5657cce5a79e459f06b016234
Size

416KB
MD5

0d8848d5657cce5a79e459f06b016234
SHA1

aaa31929765bc8ee3ff1115e79f3d014ac08eed2
SHA256

d394432bad18114f5a55eb708750dae32eab1894ff0e65bb32468d9c1381c60f
SHA512

79423ae52e0acafe100e0c37c21b6125b99a43af395f706e8690b6f3a5d9e8b7a2f48e06c213fe10207def250f7962f9275a7a2f3107de12ab8bb1220ed53d40
SSDEEP

12288:h20wtfhwyvodW1aRfZ6sH32x3Utou4SPmGxSZtbuuv:iJTxfRUuu4qmGxQF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d8848d5657cce5a79e459f06b016234

Files

0d8848d5657cce5a79e459f06b016234
.exe windows:4 windows x86 arch:x86

8c3affb3652c5ca6cfa1f066ffaa3ea9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetUserKey
AbortSystemShutdownA
CryptDestroyKey
AbortSystemShutdownW

user32

GetWindowTextA
BroadcastSystemMessageW
DdeAccessData
CharUpperA
CreateMenu
EnumDesktopWindows
UnregisterClassA
ValidateRgn
GetDC

shell32

ShellAboutW
ShellExecuteExA
InternalExtractIconListW
SHAppBarMessage
SHLoadInProc

wininet

FtpGetCurrentDirectoryW
UnlockUrlCacheEntryFileW
InternetCreateUrlW
DeleteUrlCacheGroup
SetUrlCacheEntryGroup
FindFirstUrlCacheContainerA
GetUrlCacheEntryInfoA
UnlockUrlCacheEntryFile
HttpEndRequestA
FindFirstUrlCacheEntryW
InternetCreateUrlA
FindNextUrlCacheEntryA
InternetDial
InternetGetConnectedState
InternetCombineUrlW
DeleteUrlCacheEntryW
InternetTimeToSystemTimeA
InternetCanonicalizeUrlA
HttpCheckDavCompliance

kernel32

CreateThread
InterlockedIncrement
WaitForMultipleObjectsEx
FindResourceExW
HeapAlloc
GetCurrentProcessId
GetCurrencyFormatA
GetModuleFileNameA
HeapFree
GlobalFlags
GetVersionExA
InterlockedDecrement
QueryPerformanceCounter
GetSystemTimeAsFileTime
LocalUnlock
VirtualAlloc
FileTimeToSystemTime
TerminateProcess
LoadLibraryA
RtlUnwind
HeapReAlloc
GetModuleHandleA
InterlockedExchange
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
GetTickCount
ExitProcess
GetProcAddress
CreateWaitableTimerA
TlsAlloc
SetConsoleTextAttribute
VirtualQuery
GetCurrentProcess
GetCurrentThreadId
IsDebuggerPresent

comdlg32

ChooseColorW
ChooseFontA
ReplaceTextA
FindTextA
PageSetupDlgW
PrintDlgA
GetFileTitleA
PageSetupDlgA

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c3affb3652c5ca6cfa1f066ffaa3ea9

Headers

File Characteristics

Imports

advapi32

user32

shell32

wininet

kernel32

comdlg32

Sections

.text Size: 138KB - Virtual size: 137KB

.data Size: 264KB - Virtual size: 263KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 138KB - Virtual size: 137KB

.data
Size: 264KB - Virtual size: 263KB

.rsrc
Size: 13KB - Virtual size: 13KB