0fb1223f1e3efd6dd0ebb0dd513a2346

Sharing

Copy URL

Twitter E-mail

General

Target

0fb1223f1e3efd6dd0ebb0dd513a2346
Size

176KB
MD5

0fb1223f1e3efd6dd0ebb0dd513a2346
SHA1

e0269ba81f810b1f995a34c0d5f91554d6dc62a0
SHA256

db028c46636be02d6ac68a9a164652c97ae84bb725bb32f86616e8023d939e48
SHA512

9156067a2e2afa4f6ea9094f794140cc727fb9c3e02e569506f0dedf65eab74edb01df7d6989963278d8a4b54937edee261125fd6075dcfba7cdab5b4b3c78bc
SSDEEP

1536:tI7z/7yTNvnHJje+MVAagtMeENoUxrsaHivrh/fFSbdwuvkguq:O7zTofz5agueuMaHqfFSbdwuvkgu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fb1223f1e3efd6dd0ebb0dd513a2346

Files

0fb1223f1e3efd6dd0ebb0dd513a2346
.exe windows:1 windows x86 arch:x86

921b6e519f1e15ad89675ffca5d8d8f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegCloseKey
RegOpenKeyExA
InitializeSecurityDescriptor
RegCloseKey
FreeSid
GetLengthSid
FreeSid
RegCreateKeyExW
RegQueryValueExW
RegEnumValueW
RegOpenKeyExA
GetTokenInformation
RegOpenKeyExW
RegCreateKeyExA
InitializeAcl
RegDeleteValueW
FreeSid
OpenThreadToken
OpenThreadToken
RegSetValueExA
OpenProcessToken
RegDeleteValueW
RegOpenKeyW
RegOpenKeyW
RegSetValueExA
RegDeleteValueW
AddAccessAllowedAce
FreeSid
AllocateAndInitializeSid
GetTokenInformation
RegCreateKeyExW
RegOpenKeyExA
AddAccessAllowedAce
AddAccessAllowedAce
GetTokenInformation
RegQueryValueExW
InitializeAcl
AddAccessAllowedAce
CloseServiceHandle
OpenThreadToken
RegCreateKeyExW
RegCreateKeyExA
RegEnumValueW
GetLengthSid
RegCreateKeyExW
InitializeSecurityDescriptor
RegOpenKeyExW
GetTokenInformation
OpenThreadToken
RegDeleteKeyW
RegQueryValueExA
RegCloseKey
RegEnumKeyExW
RegOpenKeyExA
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
InitializeAcl
RegSetValueExA
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyW
InitializeSecurityDescriptor
GetLengthSid
RegOpenKeyW
SetSecurityDescriptorDacl
RegQueryInfoKeyW
RegCloseKey
RegEnumValueW
RegCreateKeyExW
RegCloseKey
RegQueryValueExA
OpenThreadToken
InitializeSecurityDescriptor
InitializeSecurityDescriptor
GetLengthSid
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
OpenThreadToken
AllocateAndInitializeSid
AddAccessAllowedAce
RegCreateKeyExW
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
AdjustTokenPrivileges
RegQueryValueExW
AdjustTokenPrivileges
RegCloseKey
AllocateAndInitializeSid
InitializeAcl
CloseServiceHandle
GetTokenInformation
RegQueryValueExW
OpenThreadToken
RegEnumKeyExW
RegSetValueExA
GetLengthSid
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryInfoKeyW
SetSecurityDescriptorDacl
RegCreateKeyExW
RegCreateKeyExW
CloseServiceHandle
RegQueryInfoKeyW
RegOpenKeyExW
OpenProcessToken
SetSecurityDescriptorDacl
RegSetValueExA
RegDeleteKeyW
RegQueryValueExA
RegQueryInfoKeyW
RegCreateKeyExW
RegCloseKey
InitializeSecurityDescriptor
RegDeleteKeyW
AdjustTokenPrivileges
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegEnumValueW
GetLengthSid
RegSetValueExA
RegOpenKeyExA
RegOpenKeyW
GetLengthSid
RegQueryValueExA
RegDeleteKeyW

user32

GetKeyState
SetForegroundWindow
SetWindowLongW
BeginPaint
GetFocus
GetMenu
MoveWindow
LoadStringA
SendMessageW
DialogBoxParamW
SetForegroundWindow
InvalidateRect
CallWindowProcW
IsDialogMessageW
WinHelpW
PostQuitMessage
UpdateWindow
GetWindowRect
GetSystemMenu
MoveWindow
TranslateMessage
TranslateMessage
CheckDlgButton
EndPaint
DefWindowProcW
wsprintfW
RegisterClassW
DispatchMessageA
SetCapture
InvalidateRect
GetWindowRect
SendMessageA
GetDlgCtrlID
LoadImageW
CharNextW
CreateDialogParamW
SystemParametersInfoW
LoadImageW
DispatchMessageA
DialogBoxParamW
PostQuitMessage
GetSystemMenu
SystemParametersInfoW
GetSystemMetrics
GetClientRect
GetFocus
SetTimer
BeginPaint
SetRect
SetCursor
IsWindow
SetRect
DispatchMessageW
wsprintfA
ReleaseCapture
DispatchMessageW
GetDlgItemTextW
MoveWindow
LoadImageW
GetWindowRect

kernel32

WriteFile
HeapFree
GetACP
HeapAlloc
TerminateProcess
GetLastError
HeapReAlloc
GetStartupInfoA
WriteFile
GetModuleFileNameA
GetModuleHandleA
LeaveCriticalSection
UnhandledExceptionFilter
VirtualFree
SetEvent
GetModuleHandleA
SetFilePointer
GetCommandLineA
InterlockedDecrement
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
TerminateProcess
InterlockedDecrement
LoadLibraryW
GetCurrentProcessId

Sections

Size: 141KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 512B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

921b6e519f1e15ad89675ffca5d8d8f3

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

Size: 141KB - Virtual size: 156KB

Size: 5KB - Virtual size: 8KB

Size: 6KB - Virtual size: 5KB

Size: 1024B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 1024B - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

Size: 512B - Virtual size: 512B