0efa18990a42eb3f89e125c66bd39281

Sharing

Copy URL

Twitter E-mail

General

Target

0efa18990a42eb3f89e125c66bd39281
Size

507KB
MD5

0efa18990a42eb3f89e125c66bd39281
SHA1

5d448e14c5d4dd62c74b2b5fe12069ede7f18e0a
SHA256

39cdd725aa66ca3f766047791fbd763739083c90cbcace638775d4a634e60073
SHA512

42d3dfcc5663625e81f7440a738007ed131abc5b1b891c481bfecf7a956c9300206a2d4f79aa1232b7623a35583b53006de5945989d098e51c286718d284655a
SSDEEP

6144:kprrpv3cLk+Gp44Ey8mnDi/chkLq4CmaDqZbbrDWQU3u4AR0k0MkADdFPUs71RWo:qDjMre+4htMkA5ZUBo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0efa18990a42eb3f89e125c66bd39281

Files

0efa18990a42eb3f89e125c66bd39281
.exe windows:4 windows x86 arch:x86

704d638450ad4d7a0d7f36e99714d19b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageW
DrawTextExW
SendMessageW
IsCharAlphaNumericA
IsCharUpperA
SetDlgItemTextW
IsDlgButtonChecked
EnumThreadWindows
RegisterClassExA
MapDialogRect
DestroyAcceleratorTable
RegisterClassA
CopyImage
UnhookWinEvent
IsClipboardFormatAvailable
IsChild
GetClipboardViewer
FrameRect
MonitorFromPoint
DdeGetLastError
GetCursorInfo
OpenInputDesktop
TranslateAcceleratorA
GetCaretBlinkTime
DdeCreateDataHandle

kernel32

GetStringTypeA
FreeEnvironmentStringsA
OpenProcess
ExitProcess
GetModuleFileNameA
GetLongPathNameA
FlushFileBuffers
LockFile
InterlockedExchange
GetDiskFreeSpaceA
GlobalFindAtomA
CreateNamedPipeA
OutputDebugStringA
GetOEMCP
CompareStringW
GetCurrentThreadId
HeapAlloc
GetCPInfo
WriteFile
GetCurrentProcessId
VirtualQuery
LCMapStringW
VirtualAlloc
RtlZeroMemory
GetSystemDirectoryA
GetSystemTimeAsFileTime
VirtualFree
HeapDestroy
TlsSetValue
MultiByteToWideChar
FreeEnvironmentStringsW
CreateMutexA
SetEnvironmentVariableA
GetEnvironmentStrings
GetVersion
TlsGetValue
IsBadWritePtr
GetCurrentProcess
GetSystemTime
GetModuleHandleA
HeapFree
WideCharToMultiByte
InitializeCriticalSection
GetEnvironmentStringsW
TlsAlloc
SetHandleCount
EnterCriticalSection
CreateRemoteThread
GetFileType
CompareStringA
OpenMutexA
UnhandledExceptionFilter
WriteConsoleOutputCharacterW
LoadLibraryA
SetFilePointer
GetSystemTimeAdjustment
SetStdHandle
QueryPerformanceCounter
GetCommandLineA
VirtualAllocEx
InterlockedDecrement
PulseEvent
CloseHandle
SetLastError
AllocConsole
SuspendThread
GetCalendarInfoA
ReadFile
GetTickCount
RtlUnwind
HeapCreate
SetThreadLocale
GetStringTypeW
InterlockedIncrement
GetStdHandle
TlsFree
GetLocalTime
GetLastError
GetProcAddress
GetACP
GetStartupInfoA
DeleteCriticalSection
VirtualUnlock
ExitThread
CreateWaitableTimerA
GetTimeZoneInformation
HeapReAlloc
GetCurrentThread
LeaveCriticalSection
TerminateProcess
LCMapStringA

gdi32

PlayMetaFile
ResetDCW
GetMapMode
AddFontResourceW
SetViewportOrgEx
GetRasterizerCaps
GetSystemPaletteUse
EnumMetaFile
GetPixel
CreateCompatibleBitmap

wininet

InternetUnlockRequestFile
InternetOpenUrlA
HttpSendRequestW
HttpEndRequestA
UnlockUrlCacheEntryFile
InternetSecurityProtocolToStringA
GetUrlCacheHeaderData
InternetTimeToSystemTimeW
InternetSetOptionA

comctl32

InitCommonControlsEx

advapi32

RegEnumValueW
StartServiceW
AbortSystemShutdownA
CryptDuplicateKey

comdlg32

GetOpenFileNameW
GetSaveFileNameA
ChooseFontA
PageSetupDlgW

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

704d638450ad4d7a0d7f36e99714d19b

Headers

File Characteristics

Imports

user32

kernel32

gdi32

wininet

comctl32

advapi32

comdlg32

Sections

.text Size: 177KB - Virtual size: 177KB

.rdata Size: 5KB - Virtual size: 18KB

.data Size: 318KB - Virtual size: 318KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 177KB - Virtual size: 177KB

.rdata
Size: 5KB - Virtual size: 18KB

.data
Size: 318KB - Virtual size: 318KB

.rsrc
Size: 5KB - Virtual size: 4KB