0f0114ee8e657987e8d5e0fd452931ee

Sharing

Copy URL Twitter E-mail

General

Target

0f0114ee8e657987e8d5e0fd452931ee
Size

322KB
MD5

0f0114ee8e657987e8d5e0fd452931ee
SHA1

60904678dab681cb69c6141051507e2f922aeaa6
SHA256

b25f1d7e5abe25ba1411954ac55da84ad4bd3a52cb59d57bfb529cfdc85a2e9c
SHA512

4227d4a0abffb80c4201a96736d1f13f28342d213c1c26b68e5be55ce173cf9c8c478119c74eda130136553cf6a3acf17c9f7ebcb03658ca8ef71adb0884d723
SSDEEP

6144:kcLcTLtM7MPc0q7Ujb4T3Z4Z1aMDvQOvLa8956rktwAEq3gCan/:ktFfPc0QN4243VxtKqQR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f0114ee8e657987e8d5e0fd452931ee

Files

0f0114ee8e657987e8d5e0fd452931ee
.exe windows:4 windows x86 arch:x86

1bbc47a413f6d1bc337f4e70a0975fa8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
MonitorFromWindow
DrawTextExW
MonitorFromRect
AnimateWindow
CopyImage
FindWindowExW
CharUpperA
CallMsgFilterA
GetMenuItemRect
RegisterClassExA

comdlg32

GetFileTitleW
ChooseColorW
PrintDlgA

comctl32

InitCommonControlsEx

kernel32

InterlockedExchange
InitializeCriticalSection
SetHandleCount
GetEnvironmentStringsW
HeapLock
SetFilePointer
GlobalFindAtomW
HeapDestroy
CreateDirectoryA
CompareStringA
OpenMutexA
GetPrivateProfileSectionNamesA
EnumDateFormatsW
GetModuleFileNameA
lstrcmpW
HeapFree
GetVersionExA
FlushFileBuffers
FreeEnvironmentStringsA
GetCPInfo
HeapSize
GetTickCount
SetEnvironmentVariableA
GetSystemTimeAsFileTime
EnumSystemLocalesA
TerminateProcess
SystemTimeToFileTime
GetOEMCP
GetLocaleInfoA
EnterCriticalSection
VirtualAlloc
QueryPerformanceCounter
GetCurrentProcessId
LoadLibraryA
ReadFile
GetACP
CreateSemaphoreA
RtlUnwind
LocalShrink
LCMapStringA
SetConsoleCP
GetSystemInfo
VirtualQuery
CreateMailslotA
ExitProcess
LCMapStringW
LeaveCriticalSection
TlsSetValue
GetThreadPriorityBoost
GetCurrentProcess
GetUserDefaultLCID
HeapAlloc
TryEnterCriticalSection
GetModuleHandleA
LockFileEx
GlobalFindAtomA
GetCurrentThread
MapViewOfFileEx
SetStdHandle
TlsAlloc
GetStdHandle
GetDateFormatA
GetEnvironmentStrings
EnumSystemCodePagesW
IsBadWritePtr
WritePrivateProfileStructA
GetTimeZoneInformation
FreeEnvironmentStringsW
UnhandledExceptionFilter
CreateMutexA
GetStartupInfoA
GlobalUnfix
CompareStringW
IsDebuggerPresent
IsValidLocale
WriteFile
GetCurrentThreadId
CloseHandle
GetFileType
GetTimeFormatA
HeapReAlloc
GetCurrencyFormatW
GetStringTypeA
IsValidCodePage
GetProcAddress
GetStringTypeW
GetNumberFormatW
MultiByteToWideChar
SetLastError
VirtualFree
TlsFree
VirtualProtect
GetLastError
WideCharToMultiByte
TlsGetValue
WaitForSingleObject
DeleteCriticalSection
GetLocaleInfoW
SetUnhandledExceptionFilter
GetCommandLineA
HeapCreate

wininet

FtpGetFileW
SetUrlCacheEntryGroupW
FindFirstUrlCacheEntryExA
InternetOpenA
InternetConnectW
InternetQueryOptionW

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bbc47a413f6d1bc337f4e70a0975fa8

Headers

File Characteristics

Imports

user32

comdlg32

comctl32

kernel32

wininet

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 8KB - Virtual size: 14KB

.data Size: 172KB - Virtual size: 172KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 8KB - Virtual size: 14KB

.data
Size: 172KB - Virtual size: 172KB

.rsrc
Size: 8KB - Virtual size: 8KB