0ee37d46fca0edef3c2da9ff81032d11 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ee37d46fca0edef3c2da9ff81032d11
Size

67KB
MD5

0ee37d46fca0edef3c2da9ff81032d11
SHA1

ff3db2780b807b47bbd479abec171c75fa38c45c
SHA256

2ec31b32bc80b73d5c5e3d9d4f1029f0f45972a431c9ef7df2d52dbcddddcae3
SHA512

11c0f35ba0ab559c0ce1d7538ebd4071b914b22ea30fdc48d1d5fd1fbfc32c0f9b7c42b4ee733908f60a91283171d6f1a312368dfaa381d6a1f19f454b487f4f
SSDEEP

1536:LBGi60ld2Od2jUc9wLnLmG0hij1oMOZzTQs:FGwldJ2N+nB0hktOZzt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ee37d46fca0edef3c2da9ff81032d11

Files

0ee37d46fca0edef3c2da9ff81032d11
.exe windows:4 windows x86 arch:x86

68f5bd3206a2f39d17f7a58687ceaaea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpNIW
StrCmpNIA
wvnsprintfW
wnsprintfA
StrStrW
wnsprintfW
PathCombineW
wvnsprintfA
PathFileExistsW
PathFindFileNameW

kernel32

GetUserDefaultUILanguage
GetSystemTime
GetTimeZoneInformation
CloseHandle
OpenMutexW
ResetEvent
VirtualAlloc
GetFileAttributesA
GetVersionExW
HeapReAlloc
CreateThread
lstrcpyW
FindResourceW
FindClose
SetEvent
LeaveCriticalSection
VirtualProtect
lstrcmpiA
GetLastError
GetLocalTime

user32

MsgWaitForMultipleObjects
GetDlgItem
ExitWindowsEx
CharLowerBuffA
GetWindowTextA
GetForegroundWindow
GetClipboardData
GetKeyboardState
EndDialog
PeekMessageA
SetProcessWindowStation
FindWindowExA
OpenDesktopA
GetKeyState
OpenWindowStationA
DrawIcon
GetWindowThreadProcessId
ToUnicode
CloseWindowStation
CloseDesktop
SetThreadDesktop
LoadCursorA

advapi32

CryptAcquireContextW
RegSetValueExA
RegCreateKeyExA
DuplicateTokenEx
CryptGetHashParam
CryptCreateHash
RegEnumKeyExA
RegDeleteValueA
CryptReleaseContext
GetUserNameW
CryptDestroyHash
CryptHashData

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE