0ff5f0d883441bf08eedcb54a86a977d

Sharing

Copy URL

Twitter E-mail

General

Target

0ff5f0d883441bf08eedcb54a86a977d
Size

212KB
MD5

0ff5f0d883441bf08eedcb54a86a977d
SHA1

fcbb4c59a9f3a8c82348ea0c5bfccf407c796ed0
SHA256

6a143bdb72a0772f0eb4491527eb7bd0a64014cbec80a187d2403ae086ca1aeb
SHA512

3bd09f8d521c604a2de5aca1fadda6e67a801277a3848a66265635e00d2d643cfa3e629fceeff1c2eaa82f85ea971b8902050030b37555c5a6fbe1fc1e16b471
SSDEEP

3072:fgJjL2a62L6xuddxi9snRGt2hkRZM0MViEUbgM6r5lXgMBCqN83VfbuXUH1Ng+aL:fH2exuUsRxkPSTrPgM0c83vH1Ng

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ff5f0d883441bf08eedcb54a86a977d

Files

0ff5f0d883441bf08eedcb54a86a977d
.exe windows:5 windows x86 arch:x86

289bb7ea085232742b0f328ddb8e7ae3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

DestroyPropertySheetPage
ImageList_Destroy
ImageList_Remove
InitCommonControlsEx
CreatePropertySheetPageW

kernel32

FindNextFileA
WideCharToMultiByte
GetThreadLocale
BuildCommDCBA
GetUserDefaultLangID
FindNextFileW
SetCurrentDirectoryW
IsBadReadPtr
GetSystemTimeAdjustment
lstrcatW
GetSystemDefaultUILanguage
lstrcmpiA
UnhandledExceptionFilter
MapViewOfFile
CreateEventW
GetOverlappedResult
CreateEventA
HeapLock
DefineDosDeviceW
GetCommandLineA
GetHandleInformation
GlobalReAlloc
CallNamedPipeW
GetOEMCP
GetStdHandle
SetSystemTime
GetNumberFormatA
GetThreadTimes
SetThreadContext
FoldStringW
AddAtomW
LocalLock
CreatePipe
lstrcpynW
RaiseException
SetCommBreak
SetWaitableTimer
SetLocalTime
lstrlenA
GetThreadContext
CreateDirectoryA

user32

GetMenuItemInfoW
DeleteMenu
InsertMenuA
CreateDialogParamW
DrawIconEx
FindWindowW
SetUserObjectInformationW
GetMenuState
GetWindowRect
LoadIconW
GetDlgItemTextW
GetMessagePos
EndDialog
DrawTextA
FindWindowExW
SetMenuItemInfoW
DrawEdge
OpenInputDesktop
CreateCaret
EnumChildWindows
GetMenuItemRect
InSendMessage
GetDialogBaseUnits
TranslateMessage
SendInput
GetWindowPlacement
GetMenuItemCount
GetClassNameW
ShowWindow
IsDialogMessageW
InvalidateRgn
EndPaint
GetDlgItem
LoadCursorA
SetScrollRange
EnableMenuItem
SetRectEmpty
DrawMenuBar
CharUpperA
GetKeyboardLayoutList
RemoveMenu
ClipCursor
IsIconic
OffsetRect
OpenIcon
LoadMenuA
GetMenuContextHelpId
MonitorFromPoint
LoadBitmapW
CheckMenuItem
SetWindowPlacement
SetCursorPos
SetForegroundWindow
GetMessageExtraInfo
AttachThreadInput
LookupIconIdFromDirectory
LoadCursorW
GetWindowTextLengthW
WindowFromPoint
SetWindowRgn
TileWindows
GetDlgCtrlID
MonitorFromRect
ShowCaret
CreateWindowExA
RegisterWindowMessageA
GetWindow
GrayStringW
wvsprintfW
FindWindowExA
GetWindowDC
CreatePopupMenu
ReplyMessage
RemovePropW
MessageBoxExW
PostQuitMessage
UnionRect
PostMessageW
GetUserObjectInformationA
wvsprintfA
GetPropW
GetLastActivePopup
SetWindowLongA
CreateIconFromResource
SetCaretPos
CharNextA
CreateDialogParamA

gdi32

GetCurrentObject
EnumFontFamiliesW
RectInRegion
DeleteObject
Ellipse
GetSystemPaletteUse
GetTextExtentPoint32W
GetNearestColor
SetAbortProc
GetFontData
SetTextColor
GetTextMetricsW
CreateBitmap
GetWindowOrgEx
Escape
Rectangle
GetROP2
GetClipBox
GetSystemPaletteEntries
CreateBitmapIndirect
SetWindowExtEx
GetDIBColorTable
GetTextExtentPoint32A
EndPage
FlattenPath
EndPath
PtVisible
CreatePenIndirect
CreateHalftonePalette
SetDIBitsToDevice
GetTextExtentExPointW
CreateFontIndirectA
SetViewportOrgEx
SetLayout
ExtFloodFill
BeginPath

msvcrt

iswprint
_controlfp
isalnum
floor
__set_app_type
__p__fmode
wcstoul
ftell
__p__commode
_amsg_exit
_initterm
strchr
setvbuf
strcspn
atoi
fclose
tolower
strpbrk
_acmdln
iswxdigit
exit
iswalpha
_ismbblead
_XcptFilter
toupper
_exit
fseek
wcstol
_cexit
__setusermatherr
putchar
wcsncpy
wcscoll
wcspbrk
gets
iswspace
puts
fgetc
wcstok
__getmainargs

Exports

Exports

?DeleteCriticalSectionDJUkdjJK@@YGKEPA_WG@Z
?DeleteCriticalSectionDUidKJLKljd@@YGKEPA_WG@Z
?DeleteCriticalSectionDUiudIUkljud@@YGKEPA_WG@Z

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg_
Size: 75KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

289bb7ea085232742b0f328ddb8e7ae3

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.itext Size: 67KB - Virtual size: 67KB

.edata Size: 9KB - Virtual size: 8KB

.data Size: 43KB - Virtual size: 42KB

.dbg_ Size: 75KB - Virtual size: 195KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 13KB

.itext
Size: 67KB - Virtual size: 67KB

.edata
Size: 9KB - Virtual size: 8KB

.data
Size: 43KB - Virtual size: 42KB

.dbg_
Size: 75KB - Virtual size: 195KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB