0f71e05acf0ed9834e5911a1cc7bd4f6

Sharing

Copy URL Twitter E-mail

General

Target

0f71e05acf0ed9834e5911a1cc7bd4f6
Size

292KB
MD5

0f71e05acf0ed9834e5911a1cc7bd4f6
SHA1

1bc309aba14bd41a123c34b81a887bc31507e946
SHA256

dd641225aa3872be19c9a869555270264ac1fd031176ca97db50558a03ac27a6
SHA512

9f9d0074aa22310a364013bfb936eb3da85dd0009826d95b7c3085003f2e68c218830ba60841c0d74db7b73583fbd1395fbefe59a16931529aeaeb44051bae64
SSDEEP

6144:1ygwo0czSikZtNoK+wS9evP8Re4+hdr0o+BmjhkM2O:1IMJkZOwSoPV4+hdr0itkM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f71e05acf0ed9834e5911a1cc7bd4f6

Files

0f71e05acf0ed9834e5911a1cc7bd4f6
.exe windows:4 windows x86 arch:x86

c63dfe3f77b3336e0d39c9d3dbfa840d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
VirtualAlloc
GetLocalTime
GetModuleFileNameW
GetCurrentThreadId
InterlockedDecrement
CreateEventW
WaitForSingleObject
CreateWaitableTimerW
GetLogicalDrives
MultiByteToWideChar
GetFileAttributesExW
ExitProcess
FreeLibrary
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualProtect
GetCurrentProcess
GlobalUnlock
WaitForMultipleObjects
FindFirstFileW
GetSystemTime
GetDriveTypeW
GetCurrentProcessId
MoveFileW
LoadResource
VirtualFree
SetWaitableTimer
FindResourceW
InterlockedIncrement
QueryDosDeviceW
GetVersion
FreeResource
SuspendThread
FindFirstChangeNotificationW
MulDiv
CancelWaitableTimer
SetLastError
ResetEvent
FindNextFileW
CloseHandle
SizeofResource
ReadProcessMemory
GetLastError
GetTickCount

user32

InvalidateRect
LoadBitmapW
ReleaseCapture
GetClassNameW
IsDlgButtonChecked
LoadCursorW
GetCursorPos
CreateWindowExW
GetSysColor
SendDlgItemMessageW
LoadImageW
wsprintfW
PostQuitMessage
SetCapture
CreatePopupMenu
DispatchMessageW
IsWindow
GetWindowDC
AppendMenuW
SetCursor
WindowFromPoint
DialogBoxParamW
GetWindowRect
PostMessageW
FillRect
RegisterClassExW
GetSystemMetrics
SendMessageW

gdi32

CreateDCW
CreateSolidBrush
CreateICW
GetObjectW
SetBkMode
MoveToEx
GetMapMode
SetDIBits
CreateCompatibleDC
SetTextColor
DeleteDC
Rectangle
SelectObject
LineTo
DPtoLP
GetClipBox
BitBlt

advapi32

RegQueryValueExW
InitializeSecurityDescriptor
GetUserNameW
RegDeleteValueW
RegCloseKey
LookupPrivilegeValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW

shell32

Shell_NotifyIconW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c63dfe3f77b3336e0d39c9d3dbfa840d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 264KB - Virtual size: 261KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 18KB

.text
Size: 264KB - Virtual size: 261KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 18KB