0db2d001528194177c66715a8a0ca83f

Sharing

Copy URL Twitter E-mail

General

Target

0db2d001528194177c66715a8a0ca83f
Size

396KB
MD5

0db2d001528194177c66715a8a0ca83f
SHA1

cd31f2ac10aaa53b3a96ee536a8473ae38bf5c25
SHA256

14f2aee073d5de228d7148f38e07357b771052167d2f72215bcd7d136366bda5
SHA512

8e07953f45e4ff9c4c1caf8f20f4768bfde71bd157ea38b3f7c2681d199426ac48ffa2565f71d84ac0e0c96883c6293d137d201daef83ec47a75e9457c7c4868
SSDEEP

6144:E2YjWTqQRCZdPEtO3iJ8sVSBNhNS8/mqBv++J526iu3oDf2Sl/sPCWzjbpn5SD:EXfdZiS3SGB5x1gVzWP9ny

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0db2d001528194177c66715a8a0ca83f

Files

0db2d001528194177c66715a8a0ca83f
.exe windows:4 windows x86 arch:x86

025984361cb1ece8b26357451e731a37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StartDocW
GetDIBColorTable
SetTextAlign
FillRgn
IntersectClipRect
DPtoLP
GetDeviceCaps
SelectObject
SetGraphicsMode
GetNearestPaletteIndex
ChoosePixelFormat
SetAbortProc
ExtSelectClipRgn
DeleteDC
FrameRgn
AddFontResourceA
CreatePen
AngleArc
GetObjectA
Ellipse
CreateDCW

user32

RegisterClassA
GetAncestor
SubtractRect
FrameRect
GetLastActivePopup
HideCaret
CreateWindowStationA
RegisterClassExA
LoadStringA
IsDialogMessage
DefWindowProcA
GetMenuStringW
FindWindowW
RegisterClassExW
SetDoubleClickTime
RealGetWindowClass
IsDlgButtonChecked
TrackPopupMenuEx
SetUserObjectInformationA
IsIconic
InvalidateRect
DdePostAdvise
CopyAcceleratorTableW
DdeFreeStringHandle
CountClipboardFormats
AdjustWindowRect
IsDialogMessageW

advapi32

CryptDuplicateHash
RegEnumKeyExA
RegDeleteValueW
CryptAcquireContextA
CryptVerifySignatureW
CryptGenKey
CryptVerifySignatureA
LookupPrivilegeDisplayNameA
CryptSetProviderExA
LookupSecurityDescriptorPartsA
CryptContextAddRef
AbortSystemShutdownW
CreateServiceW

comctl32

ImageList_DragEnter
ImageList_SetFilter
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_GetIcon
CreatePropertySheetPage
InitCommonControlsEx
CreateStatusWindow

kernel32

SetFilePointer
GetEnvironmentStringsW
RtlUnwind
TlsFree
GetCurrentThread
GetCurrentProcessId
InterlockedExchange
GetWindowsDirectoryA
MultiByteToWideChar
ExpandEnvironmentStringsW
GetProcAddress
MoveFileA
WaitNamedPipeA
TlsSetValue
SetHandleCount
InitializeCriticalSection
GetFileType
WriteFile
HeapAlloc
GetTickCount
GetModuleFileNameA
CreateEventA
QueryPerformanceCounter
LoadLibraryA
GetEnvironmentStrings
GetSystemTimeAsFileTime
UnhandledExceptionFilter
HeapCreate
GetModuleHandleA
GetModuleFileNameW
HeapFree
ExitProcess
OpenFile
GetSystemDefaultLangID
GetTimeZoneInformation
TerminateProcess
GetLocalTime
DeleteCriticalSection
AddAtomW
VirtualFree
CompareStringW
GetCurrentThreadId
WritePrivateProfileStringW
WriteProfileSectionW
GetCurrencyFormatW
GetComputerNameA
LCMapStringA
OpenMutexA
GlobalFix
OpenSemaphoreA
SetLastError
GetSystemTime
GetLogicalDrives
GetProfileIntW
CompareFileTime
TlsGetValue
HeapDestroy
VirtualAlloc
SetEnvironmentVariableA
DeleteFileW
VirtualQuery
EnterCriticalSection
GetVersion
SetConsoleCursorInfo
ResetEvent
GetCompressedFileSizeW
FreeEnvironmentStringsW
InterlockedDecrement
IsBadWritePtr
GetCPInfo
VirtualUnlock
GetCurrentProcess
FreeEnvironmentStringsA
GetCommandLineA
SetWaitableTimer
GetStringTypeW
SetStdHandle
FlushFileBuffers
ReadFile
GetFileAttributesExW
EnumResourceNamesW
GetNamedPipeInfo
CloseHandle
CreateMutexA
FindAtomW
SetEvent
GetOEMCP
CreateSemaphoreA
LeaveCriticalSection
GetStartupInfoA
LocalAlloc
GetStringTypeA
HeapReAlloc
WideCharToMultiByte
CompareStringA
GetShortPathNameA
GetDateFormatA
InterlockedIncrement
GetFileAttributesW
GetStdHandle
LocalCompact
Sleep
TlsAlloc
LCMapStringW
GetACP
GetProcessHeap
GetLastError

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

025984361cb1ece8b26357451e731a37

Headers

File Characteristics

Imports

gdi32

user32

advapi32

comctl32

kernel32

Sections

.text Size: 144KB - Virtual size: 141KB

.rdata Size: 128KB - Virtual size: 126KB

.data Size: 104KB - Virtual size: 120KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 144KB - Virtual size: 141KB

.rdata
Size: 128KB - Virtual size: 126KB

.data
Size: 104KB - Virtual size: 120KB

.rsrc
Size: 16KB - Virtual size: 13KB