0f05a06a142aa412efd135fa8f5e1875

Sharing

Copy URL Twitter E-mail

General

Target

0f05a06a142aa412efd135fa8f5e1875
Size

544KB
MD5

0f05a06a142aa412efd135fa8f5e1875
SHA1

ee4160a6734941853920ea5d9c43523dfd54080c
SHA256

aa2d19330a881e5f69913f1d644fbb28feebaeaf00a6f984a86532e99b5095e4
SHA512

921a9ecaf8f6d6ed601b08866a7a9fb5e5ca49411f55f0b26ee110194718ec9996a7801c386641284bb55a46d9b2fc92c81977072615626b109443c409ecea52
SSDEEP

12288:A8rDiBeSM5C/SZJtmSjC1UpWYne4XeJJIyyNm1Zxj4KpV:KFditmWCieKy11Zx04V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f05a06a142aa412efd135fa8f5e1875

Files

0f05a06a142aa412efd135fa8f5e1875
.exe windows:4 windows x86 arch:x86

9768f3d6adb5cc6c81ef511d75c68611

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RevertToSelf

wininet

InternetCanonicalizeUrlW
SetUrlCacheEntryInfoW

kernel32

SetStdHandle
VirtualQuery
GetSystemInfo
GetModuleFileNameA
HeapAlloc
lstrcmp
TlsAlloc
GetLocaleInfoA
VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
GetNumberFormatW
GetTimeZoneInformation
TlsGetValue
GetProcAddress
LockResource
GetCurrentThread
GetCommandLineW
SetLastError
LoadLibraryA
SetThreadLocale
GetVersionExA
GetModuleHandleA
GetStringTypeW
WideCharToMultiByte
GetFileType
SetFilePointer
GetACP
OpenFile
CloseHandle
WritePrivateProfileSectionA
WaitForMultipleObjectsEx
GetPrivateProfileIntA
ReadFile
SetHandleCount
HeapCreate
TerminateThread
CreateDirectoryA
GetComputerNameW
CreateMutexA
IsValidLocale
EnumSystemLocalesA
GetCurrentThreadId
DeleteCriticalSection
GetFullPathNameA
SetEnvironmentVariableA
GetConsoleOutputCP
EnterCriticalSection
CreateMailslotW
CompareStringW
FreeEnvironmentStringsW
VirtualAllocEx
VirtualAlloc
GetEnvironmentStrings
GetCurrencyFormatA
MapViewOfFile
GetTimeFormatA
InterlockedExchange
IsValidCodePage
PulseEvent
SetThreadPriority
WriteFile
LCMapStringW
GetDiskFreeSpaceExW
GetStdHandle
FreeEnvironmentStringsA
ExitProcess
TlsSetValue
SetLocaleInfoW
LCMapStringA
GetCommandLineA
LoadLibraryW
GetCPInfo
FlushFileBuffers
GetEnvironmentStringsW
GetDateFormatA
DeleteAtom
GlobalGetAtomNameA
VirtualProtectEx
QueryPerformanceCounter
GetStartupInfoA
GetLastError
LeaveCriticalSection
HeapDestroy
SetCurrentDirectoryW
GetTickCount
HeapFree
OpenWaitableTimerW
TlsFree
GetCompressedFileSizeW
SetThreadContext
UnhandledExceptionFilter
GetLogicalDrives
HeapReAlloc
HeapSize
GetLogicalDriveStringsA
CompareStringA
WaitForSingleObject
TerminateProcess
SetConsoleTextAttribute
ConvertDefaultLocale
SetVolumeLabelW
ReadConsoleOutputCharacterA
GetStringTypeA
OpenMutexA
GetOEMCP
SetSystemTime
GetShortPathNameA
GetUserDefaultLCID
MultiByteToWideChar
GetLocaleInfoW
IsBadWritePtr
InitializeCriticalSection
GetFileAttributesA
VirtualFree
CreateSemaphoreA
GetStringTypeExA
GetVolumeInformationA
TransactNamedPipe
RtlUnwind
CreateFileA
ReadFileEx
GetPrivateProfileSectionNamesA
GetModuleHandleW
GlobalFlags
GetCurrentProcess

comctl32

ImageList_BeginDrag
InitMUILanguage
ImageList_SetOverlayImage
ImageList_GetIconSize
DrawStatusTextW
ImageList_DragLeave
InitCommonControlsEx
ImageList_SetIconSize
CreateStatusWindowW
ImageList_DrawIndirect
CreateStatusWindow
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_LoadImage

gdi32

SetICMMode
CreateFontIndirectA
GetClipRgn
PatBlt
GetCharWidthA
ScaleViewportExtEx
GetLayout
GetTextExtentPointA
SetBoundsRect
GetViewportOrgEx
GetKerningPairs
PathToRegion
GetClipBox

user32

MoveWindow
PostQuitMessage
DefWindowProcA
SetWindowWord
CallWindowProcA
CharUpperBuffA
BlockInput
DestroyWindow
ShowWindow
MessageBoxW
GetSysColorBrush
WinHelpA
DestroyMenu
DdeInitializeA
RegisterClassExA
GetMonitorInfoW
CharUpperBuffW
GetWindowPlacement
DlgDirSelectExA
SetWindowLongA
DdeQueryNextServer
GetWindowContextHelpId
RegisterClassA
SetForegroundWindow
CharUpperA
SetWinEventHook
CreateWindowExA
ChangeDisplaySettingsA
GetDlgItemTextW
SetDoubleClickTime
UnhookWinEvent
MonitorFromPoint
SetUserObjectSecurity
GetWindowThreadProcessId
GetMenu
DdeUnaccessData
CopyRect
DrawStateW
DlgDirSelectComboBoxExW
GetTabbedTextExtentA

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9768f3d6adb5cc6c81ef511d75c68611

Headers

File Characteristics

Imports

advapi32

wininet

kernel32

comctl32

gdi32

user32

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 108KB - Virtual size: 134KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 108KB - Virtual size: 134KB

.rsrc
Size: 12KB - Virtual size: 11KB