0f6d591ac731b12862ace7081536f05e

Sharing

Copy URL Twitter E-mail

General

Target

0f6d591ac731b12862ace7081536f05e
Size

3.8MB
MD5

0f6d591ac731b12862ace7081536f05e
SHA1

1a37a23c7dbaff2f3a763d244b096052b4dcb457
SHA256

f0efe0e745ac9b51c016813135d0af944832dc487e921f03b277ca86f81660b2
SHA512

4771534929b86e21ec6f67fb691c33d1fc9c0bb07f181fcdbf5fb8d6a1a3ea48fd778179f06e06af0ae08f2445ec9c6c60bb00e242ffac07eb9e6c3015b74fde
SSDEEP

98304:JFO385i5pBp8dThuDlCGquaLljHo6uipLavCFW2PfoDhv:JFOCUpX8dTdGquaLlzo6uiJD824B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f6d591ac731b12862ace7081536f05e

Files

0f6d591ac731b12862ace7081536f05e
.exe windows:5 windows x86 arch:x86

17f5d5aeb7c898aa0d41b99ce5af5d41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

CreateProcessW
GetExitCodeProcess
GetVersion
GetVersionExW
FindClose
CreateDirectoryW
WideCharToMultiByte
CreateFileA
GetDiskFreeSpaceExW
GetEnvironmentVariableW
GetCurrentProcess
FlushInstructionCache
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
RemoveDirectoryW
MulDiv
OutputDebugStringW
LoadLibraryExW
InterlockedExchange
GetSystemDefaultLangID
GetUserDefaultLangID
EnumResourceLanguagesW
GetTempPathW
GetTempFileNameW
FindNextFileW
GetLogicalDriveStringsW
GetDriveTypeW
GetSystemDirectoryW
GetWindowsDirectoryW
GlobalMemoryStatus
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
TerminateProcess
lstrlenW
lstrcmpiW
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
CreateMutexW
GetFileAttributesW
SetFileAttributesW
CopyFileW
GetLocaleInfoA
ReadFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LoadLibraryA
LocalAlloc
GetLocaleInfoW
FormatMessageW
FindFirstFileW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalLock
FreeLibrary
MultiByteToWideChar
GetModuleFileNameW
LoadLibraryW
GetProcAddress
ResetEvent
FlushFileBuffers
Sleep
WriteFile
MoveFileW
DeleteFileW
GetFileSize
SetFilePointer
CreateFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateEventW
SetEvent
GetLastError
CreateThread
CloseHandle
TerminateThread
GetExitCodeThread
WaitForSingleObject
RaiseException
InitializeCriticalSectionAndSpinCount
GetModuleHandleA

user32

GetWindowDC
GetSubMenu
CharNextW
GetPropW
LoadImageW
ReleaseDC
LoadMenuW
TrackPopupMenu
EnableMenuItem
ScreenToClient
ExitWindowsEx
GetDC
GetSystemMetrics
SetFocus
CallWindowProcW
DestroyMenu
ModifyMenuW
DefWindowProcW
GetSystemMenu
LoadIconW
InvalidateRect
RedrawWindow
RemovePropW
SetPropW
GetDlgCtrlID
MessageBoxW
KillTimer
EnableWindow
SetTimer
PostMessageW
IsWindow
CreateWindowExW
DestroyWindow
CreateDialogParamW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
ShowWindow
GetActiveWindow
LoadStringW
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
EndDialog
GetWindow
SystemParametersInfoW
GetWindowRect
GetClientRect
MapWindowPoints
GetDlgItem
SetWindowTextW
GetParent
SendMessageW
GetWindowLongW
SetWindowLongW
SetWindowPos
GetDesktopWindow
IsWindowVisible
UnregisterClassA
DialogBoxParamW

gdi32

CreateCompatibleDC
GetWindowExtEx
GetViewportExtEx
SetMapMode
CreateCompatibleBitmap
GetDeviceCaps
DeleteObject
GetStockObject
SetBkMode
DeleteDC
SelectObject
CreateFontIndirectW
GetMapMode
GetObjectW

advapi32

RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerW
RegEnumKeyExW
RegOpenKeyW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegQueryInfoKeyW

shell32

ShellExecuteW
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW

ole32

CoTaskMemRealloc
CoInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoTaskMemFree

oleaut32

VarUI4FromStr
OleLoadPicture

comctl32

PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17f5d5aeb7c898aa0d41b99ce5af5d41

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 178KB - Virtual size: 178KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 38KB - Virtual size: 38KB

.text
Size: 178KB - Virtual size: 178KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 38KB - Virtual size: 38KB