0dda4ac198b27955ff16ac49304f8445

Sharing

Copy URL Twitter E-mail

General

Target

0dda4ac198b27955ff16ac49304f8445
Size

596KB
MD5

0dda4ac198b27955ff16ac49304f8445
SHA1

5ab72353a6c7aca8fc8034b2ecbacd8533c9de3d
SHA256

bbb3ed09a75afce27afb6de1729dc1172540da14619a9ae53707f1b314e54dad
SHA512

28089bf8dd783c876cb836ca9ba51b418931e8dd85cfc012e9d68646b6eb7ef5199acfb1c51d67694576b4a793ad0918af62193245761c0d3083adc65f3ac06b
SSDEEP

12288:leE/llXo3l6zyvXAZP2VnTq435EunWGD0uCMNdzb8+r5/R16Iu:V/l5o1ps8TSuWq0ulXzb8+hx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dda4ac198b27955ff16ac49304f8445

Files

0dda4ac198b27955ff16ac49304f8445
.exe windows:4 windows x86 arch:x86

58bb432cbaefba18b3dda1c47df8ca24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSysColorBrush
DestroyWindow
DestroyMenu
GetMenuCheckMarkDimensions
GetCaretPos
DefMDIChildProcW
DestroyCursor
UnregisterDeviceNotification
ShowWindow
GetWindowLongW
GetMenu
VkKeyScanA
CreateWindowExA
CharLowerBuffA
DispatchMessageW
MessageBoxW
CopyAcceleratorTableW
SetClassWord
SetDeskWallpaper
RegisterClassA
CloseClipboard
SwitchDesktop
CopyIcon
ArrangeIconicWindows
WINNLSGetEnableStatus
RegisterClassExA
SetWindowsHookA
GetDCEx
DefWindowProcA
SubtractRect

comctl32

ImageList_Replace
InitCommonControlsEx
_TrackMouseEvent
MakeDragList

kernel32

CreateMutexA
LCMapStringW
LockResource
UnhandledExceptionFilter
CompareStringA
MapViewOfFile
GetUserDefaultLCID
ReadFile
GetCurrentThread
IsValidCodePage
FreeEnvironmentStringsW
VirtualProtect
GetAtomNameW
MultiByteToWideChar
LoadLibraryA
GetTickCount
CloseHandle
GetEnvironmentStringsW
GetCurrentThreadId
GetStdHandle
SetEnvironmentVariableA
HeapDestroy
GetStringTypeA
GetProcessAffinityMask
VirtualFree
HeapAlloc
TlsAlloc
VirtualQuery
SetStdHandle
SetLocaleInfoW
GetDiskFreeSpaceW
HeapCreate
GetVersion
RtlUnwind
GetPrivateProfileStringA
GetLocaleInfoW
GetFileType
EnumResourceTypesA
GetTimeFormatA
ExitProcess
GetOEMCP
IsBadWritePtr
HeapFree
GetCurrentProcess
SetHandleCount
WideCharToMultiByte
CreateMailslotW
OpenMutexA
GetDateFormatA
GetVersionExA
TlsFree
GetLastError
EnterCriticalSection
TlsSetValue
VirtualAlloc
HeapSize
FlushFileBuffers
GetTimeZoneInformation
DeleteCriticalSection
TerminateProcess
GetCurrentProcessId
TlsGetValue
VirtualProtectEx
GetProcAddress
HeapReAlloc
OpenFileMappingA
InitializeCriticalSection
WriteFile
LeaveCriticalSection
GetCommandLineA
GetModuleFileNameA
FreeEnvironmentStringsA
GetStartupInfoA
LoadResource
SetLastError
InterlockedExchange
SetFilePointer
EnumSystemLocalesA
IsValidLocale
GetLogicalDrives
ReadConsoleInputA
GetModuleHandleA
GetSystemInfo
GetStringTypeW
GetCPInfo
GetLocaleInfoA
GetEnvironmentStrings
GetSystemTimeAsFileTime
QueryPerformanceCounter
LCMapStringA
GetACP
CompareStringW

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58bb432cbaefba18b3dda1c47df8ca24

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 252KB - Virtual size: 248KB

.data Size: 108KB - Virtual size: 131KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 252KB - Virtual size: 248KB

.data
Size: 108KB - Virtual size: 131KB

.rsrc
Size: 48KB - Virtual size: 45KB