0fb046185bb66621d183d0e7d0341aca[.]exe

General

Target

0fb046185bb66621d183d0e7d0341aca.exe
Size

49KB
MD5

0fb046185bb66621d183d0e7d0341aca
SHA1

b68234e4d6344c66cf6b74a544ae5a81d6ec9161
SHA256

832c9de24d3f70bf564cfcc41886b9bbbda8fba38f7769d6e35090b019938dca
SHA512

9f17ff6feda7243770d61bfef61d1c9ab22e1ef466552f98dcc51b8539a240e5e15e6280fc75a97c16f4cce52cbe387edc0d9c156f1f66d8e59fcaec6b56f9e4
SSDEEP

768:4/ucJJXyc7jGaTmmuWtZwz3njoaj/oKzuv819ppt2Ql5hbN/AgbiCb:6ByMTtuWtW3jF/tuv8fpbrxN/3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fb046185bb66621d183d0e7d0341aca.exe

Files

0fb046185bb66621d183d0e7d0341aca.exe
.exe windows:5 windows x86 arch:x86

9897fb9f321fe0640ee5aee4cf301ec6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesW
CreateProcessW
HeapFree
GetComputerNameW
GlobalUnlock
MoveFileExW
SetLastError
lstrcatA
GetFileTime
SetThreadPriority
GetCurrentThreadId
GetLogicalDrives
GetTempPathW
DisconnectNamedPipe
lstrlenW
InitializeCriticalSection
OpenProcess
lstrcmpiA
GetModuleFileNameW
ReadFile
lstrcatW
CopyFileW
GetExitCodeProcess
CreateFileW
GetModuleFileNameA
CreateMutexW
SystemTimeToFileTime
FindClose
GetTempFileNameW
GetTimeZoneInformation
GetModuleHandleA
MapViewOfFile
WriteProcessMemory
HeapAlloc
lstrcpynW
lstrcpyW
GetCurrentProcessId
GlobalLock
CreateDirectoryW
Sleep
lstrcmpiW
GetUserDefaultUILanguage
GetTickCount
LeaveCriticalSection
HeapReAlloc
GetDriveTypeW
MultiByteToWideChar
IsBadReadPtr
lstrlenA
GetVersionExW
lstrcpyA
WaitForSingleObject
SetEvent
GetThreadPriority
EnterCriticalSection
ResetEvent
SetFileTime
CreateThread
GetCommandLineA
ReleaseMutex
GetProcessHeap
GetSystemTimeAsFileTime
GetLastError
ExpandEnvironmentStringsW
GetFileSizeEx
CreateFileMappingW
FlushFileBuffers
SetFilePointer
CloseHandle
WriteFile
FindNextFileW
DeleteFileW
GetLocalTime
FindResourceW
SetEndOfFile
FindFirstFileW
CreateEventW
OpenMutexW
UnmapViewOfFile
WideCharToMultiByte
GetSystemTime
GetProcessTimes
GetFileSize

user32

GetKeyboardState
GetWindowThreadProcessId
CloseDesktop
SendMessageW
DrawIcon
GetIconInfo
GetMessageA
CloseWindowStation

Sections

.zsj
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ctctez
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bgjyt
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9897fb9f321fe0640ee5aee4cf301ec6

Headers

File Characteristics

Imports

kernel32

user32

Sections

.zsj Size: 39KB - Virtual size: 61KB

.ctctez Size: 2KB - Virtual size: 5KB

.bgjyt Size: 7KB - Virtual size: 80KB

.zsj
Size: 39KB - Virtual size: 61KB

.ctctez
Size: 2KB - Virtual size: 5KB

.bgjyt
Size: 7KB - Virtual size: 80KB