a0bf48b0a05add1b1fb53d238ede78b4

Sharing

Copy URL Twitter E-mail

General

Target

a0bf48b0a05add1b1fb53d238ede78b4
Size

47KB
MD5

a0bf48b0a05add1b1fb53d238ede78b4
SHA1

813903e3e184448b07bddda2e8ca63d1433ccd61
SHA256

06c4f648215805ac447ce03f1259a7baa54ff06e51fcca59bb9a327941fad544
SHA512

62bd99decaa73e52896d79e542e28823a37206d03b33e28112aeab49beb0ebe44005b3da2684b1c030bc094a259c5d81cd450b2b9730caf29c162e781bb1beb1
SSDEEP

768:vELxvoaTcOubnGWD5dYVBt46A46ElMTaUMMnMMMMMQqvuOYQIYQDKD5:8dfczzGSdYVBt41462MTaUMMnMMMMMQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0bf48b0a05add1b1fb53d238ede78b4

Files

a0bf48b0a05add1b1fb53d238ede78b4
.exe windows:5 windows x86 arch:x86

cc65f44200d2757809cf4bdb4db2af0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

MsiDatabaseExportW

gdi32

GetTextExtentPointW
GetTextMetricsW
SelectObject
DeleteObject
GetTextExtentPointA
GetTextMetricsA

shlwapi

wnsprintfA
StrCatBuffW
StrCpyNW
StrCatBuffA

kernel32

lstrcmpiA
HeapFree
GetCurrentThreadId
EnterCriticalSection
SetProcessWorkingSetSize
HeapReAlloc
lstrlenW
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcess
HeapAlloc
GetLastError
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetProcAddress
DeleteCriticalSection
GetCommandLineA
GetDateFormatA
TerminateProcess
lstrlenA
GetCurrentProcessId
WinExec
CompareFileTime
GetTickCount
ExitProcess
FileTimeToSystemTime
VirtualAlloc
InitializeCriticalSection

shell32

ShellExecuteA

wintrust

WinVerifyTrust
WTHelperCertIsSelfSigned
WintrustRemoveActionID
WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WintrustAddActionID

user32

GetDlgItemTextA
ReleaseDC
LoadImageA
DialogBoxIndirectParamA
EndDialog
ShowWindow
SetWindowLongA
DialogBoxParamW
LoadCursorA
DialogBoxIndirectParamW
SetCursor
DialogBoxParamA
LoadStringA
GetSysColor
SetFocus
MessageBeep
GetWindowLongA
CallMsgFilterA
WinHelpA
SendMessageW
SendMessageA
LoadBitmapA
GetDlgItem
SendDlgItemMessageA
CreateWindowExW
GetDC
EnableWindow
SetDlgItemTextA
GetWindowRect

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc65f44200d2757809cf4bdb4db2af0f

Headers

DLL Characteristics

File Characteristics

Imports

msi

gdi32

shlwapi

kernel32

shell32

wintrust

user32

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 40KB

.rdata Size: 14KB - Virtual size: 14KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 40KB

.rdata
Size: 14KB - Virtual size: 14KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 24KB - Virtual size: 23KB