a0fddf191e5336f2e4e18faa05e5e160

Sharing

Copy URL Twitter E-mail

General

Target

a0fddf191e5336f2e4e18faa05e5e160
Size

112KB
MD5

a0fddf191e5336f2e4e18faa05e5e160
SHA1

1be4bcbf50f7c7db984abe886e30e41570543567
SHA256

295634c08a1291a7c0b89c3998893a19796943e38e8a3bcba70a1d57065608ba
SHA512

ffa7769fe0135b3f4c5f1741414ccc96c1d4efcbb1e7167f74047ab516391513e4e94f3ad5548304d9b80d821a9c0e025e40bdfeff6a1133a3f876b49fff7f91
SSDEEP

1536:+zLUKYwSPx7c025p/8FfGUK0+qOOpDAKY3O5DhgA2ShrIR9m2upv9iNVV:+ndYxA9cLfpD9D1Z5IR9zVV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0fddf191e5336f2e4e18faa05e5e160

Files

a0fddf191e5336f2e4e18faa05e5e160
.exe windows:5 windows x86 arch:x86

c95dd1ebafdd146dae933d2b8c5fdf9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\kecSfxNhkocvW\NhvFqEq\iWhcjohbs.pdb

Imports

user32

GetSystemMenu
SetScrollPos
MapVirtualKeyA
RegisterHotKey
GetMessageA
GetWindowLongA
CallWindowProcA
ShowWindowAsync
TrackPopupMenuEx
ClipCursor
GetAsyncKeyState
GetClassInfoW
SetRect
IsDialogMessageW
SendMessageA
GetDialogBaseUnits
SetMenu
SendInput
CharToOemBuffA
ScreenToClient
DestroyCaret
DrawAnimatedRects
IsChild
DrawTextW
GetDlgCtrlID
ValidateRect
CharNextExA
DefFrameProcA
LoadStringA
RegisterClassW
GetMonitorInfoW
CheckMenuItem
RegisterWindowMessageA
FindWindowW
CreateWindowExA
SetCursorPos
GetPropW
DestroyWindow
FindWindowA
GetKeyboardLayout
GetScrollInfo
GetMenuState
AppendMenuW
GetActiveWindow
GetMessageW
LoadAcceleratorsW
TileWindows
LoadBitmapW
ReplyMessage
SetFocus
ChildWindowFromPoint
GetDC
SetRectEmpty
GetFocus
MonitorFromPoint
TabbedTextOutW
GetTopWindow
DrawStateA
CheckMenuRadioItem
GetMenuStringA
DrawStateW
SetDlgItemTextW
SetLastErrorEx
InsertMenuW
VkKeyScanW
GetUserObjectInformationA
IsCharAlphaNumericW
CreateMenu
wvsprintfW
GetClassInfoExW
DeleteMenu
LoadCursorA
ShowCursor
CharToOemA
MapDialogRect
IsWindowEnabled
CharLowerW
CreateAcceleratorTableW
SetScrollInfo
LoadImageA
GetKeyNameTextW
GetMessagePos
RedrawWindow
IsMenu
GetKeyboardLayoutList
GetMenuItemRect
GetClassLongW
MessageBoxW
GetDCEx
SetWindowLongA
UnloadKeyboardLayout
GetMenuItemID
SendMessageW
SetMenuItemInfoW
EnumWindows
PostMessageW
OpenIcon
InternalGetWindowText
SetTimer
CharNextA
ExitWindowsEx
SetCaretPos
SetScrollRange
PostQuitMessage
DefWindowProcW
ClientToScreen
FrameRect
FindWindowExA
SetClassLongW
InvalidateRect
CreateDialogParamW
InvalidateRgn
OemToCharA
IntersectRect
PeekMessageA
WindowFromPoint
GetDoubleClickTime
BringWindowToTop
RegisterClassA
GetCursorPos
PostThreadMessageA
MonitorFromRect
CharLowerA
IsCharUpperA
EnumChildWindows
KillTimer
UnionRect
CopyAcceleratorTableW
GetLastActivePopup
SwapMouseButton
RegisterClassExA
BeginDeferWindowPos
IsWindowUnicode
UpdateWindow
PostMessageA
IsCharAlphaW
TranslateAcceleratorA
SetSysColors
EndPaint
DrawMenuBar
InsertMenuA
GetNextDlgTabItem
CharPrevA
LoadIconW
AdjustWindowRect
TrackPopupMenu
GetScrollRange
GetKeyboardType
MapVirtualKeyExW
OpenInputDesktop
IsWindowVisible
BeginPaint
DefWindowProcA
EndTask
IsZoomed
DeferWindowPos
SetMenuDefaultItem
SendDlgItemMessageW
TranslateAcceleratorW
PeekMessageW
GetUpdateRect
SetWindowRgn
DrawTextA
EnableScrollBar
SendMessageTimeoutA
SendDlgItemMessageA
GetCaretPos
GetClipCursor
GetNextDlgGroupItem
GetShellWindow
GetClassNameW

msvcrt

toupper
strtok
towupper
_controlfp
remove
wcsncmp
__set_app_type
free
putc
__p__fmode
malloc
wcscspn
fflush
iswctype
mbtowc
strstr
sprintf
ungetc
strcspn
__p__commode
wcsstr
fseek
strerror
_amsg_exit
setvbuf
strncpy
towlower
strpbrk
printf
_initterm
strrchr
swscanf
setlocale
_ismbblead
_XcptFilter
wcscat
wcstod
wcstok
mbstowcs
perror
_exit
strcoll
_cexit
sscanf
iswprint
wcscpy
wcstoul
vswprintf
isxdigit
srand
getenv
strncmp
clearerr
__setusermatherr
getc
fgetc
wcslen
__getmainargs
wcsncpy
wcscoll
strspn
mktime

kernel32

SetUnhandledExceptionFilter
CreatePipe
GetUserDefaultLangID
LCMapStringW
Sleep
GetNumberFormatA
GetModuleHandleW
CreateDirectoryA
HeapCreate
GetComputerNameExW
DeviceIoControl
UnhandledExceptionFilter
MoveFileExA
SetHandleCount
lstrlenW
FindResourceW
LocalLock
CallNamedPipeW
IsValidLanguageGroup
UnmapViewOfFile
SetupComm
GetStartupInfoW
GetWindowsDirectoryW
DeleteFileW
GetFileAttributesExA
RemoveDirectoryA
LCMapStringA
GetTempPathW
SetEvent
SetCommTimeouts
DeleteFileA
GetComputerNameW
lstrcpyW
SearchPathW
CreateFileA
ReleaseMutex
GetCommandLineW
CreateMutexA
SetCommState
SetThreadExecutionState
GetBinaryTypeW
GetCurrentThreadId
OpenFile
QueryPerformanceCounter
EnumSystemLocalesA
GetOverlappedResult
GetSystemInfo
GetDateFormatA
GetCommState
RemoveDirectoryW
GetTempFileNameW
CompareFileTime
SetThreadPriority
AreFileApisANSI
lstrlenA
GetThreadContext
GetTickCount
SetCommMask
SetFileAttributesA
FileTimeToSystemTime
CreateEventW
GetFileTime
FindNextFileW
FindClose
VerifyVersionInfoW
GetNumberFormatW
GlobalFindAtomW
HeapSize
LoadResource
GlobalUnlock
GetVersion
EscapeCommFunction
WinExec
GetSystemDirectoryW
ReleaseSemaphore
GetLocaleInfoA
CompareStringA
GlobalMemoryStatusEx
GetModuleFileNameW

gdi32

GetPaletteEntries
GetTextFaceW
CreateCompatibleDC
CreatePalette
GetMapMode
CreatePen
GetBitmapBits
SetStretchBltMode
PtInRegion
StretchBlt
FillRgn
SetDIBitsToDevice
CreateRectRgnIndirect
CreateBrushIndirect
SetPixel
OffsetRgn
CreateDIBSection
RoundRect
GetNearestColor
GetSystemPaletteEntries
OffsetViewportOrgEx
GetTextExtentPoint32A
CreateSolidBrush
CombineRgn
ExtTextOutW
LineDDA
GetTextExtentPointW
LPtoDP
GetClipBox
GetFontData
EnumFontFamiliesExW
ScaleWindowExtEx
WidenPath
SaveDC
BitBlt
GetNearestPaletteIndex
SetBkMode
SetDIBColorTable
GetTextCharsetInfo
GetPixel
GetTextAlign
SelectClipRgn
RemoveFontResourceW
RectInRegion
CreateEllipticRgnIndirect
GetViewportOrgEx
SetRectRgn
Rectangle
EnumFontFamiliesW
CreateHalftonePalette
GetROP2
GetTextMetricsA
RealizePalette
PolyBezier
AddFontResourceW
SetBitmapBits
StretchDIBits
SetBitmapDimensionEx
SelectPalette
GetBkMode
TranslateCharsetInfo
EndPath
SetLayout
GetCurrentObject
CreateBitmapIndirect
IntersectClipRect
RectVisible
GetLayout
GetCharWidth32W
CreateRectRgn
GetTextColor
CreateDCW
EnumFontsW
SetROP2

Exports

Exports

?SetWindowsHookAJHDkjkjdKUDFyuf@@YGKPA_WK@Z

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tcdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.memvrt
Size: - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dttxt0
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dttxt1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dttxt2
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dttxt3
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c95dd1ebafdd146dae933d2b8c5fdf9b

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

kernel32

gdi32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 24KB

.itext Size: 9KB - Virtual size: 9KB

.rdata Size: 7KB - Virtual size: 6KB

.tcdata Size: 12KB - Virtual size: 11KB

.data Size: 1KB - Virtual size: 1KB

.memvrt Size: - Virtual size: 110KB

.dttxt0 Size: 6KB - Virtual size: 6KB

.dttxt1 Size: 6KB - Virtual size: 6KB

.dttxt2 Size: 6KB - Virtual size: 6KB

.dttxt3 Size: 36KB - Virtual size: 36KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 25KB - Virtual size: 24KB

.itext
Size: 9KB - Virtual size: 9KB

.rdata
Size: 7KB - Virtual size: 6KB

.tcdata
Size: 12KB - Virtual size: 11KB

.data
Size: 1KB - Virtual size: 1KB

.memvrt
Size: - Virtual size: 110KB

.dttxt0
Size: 6KB - Virtual size: 6KB

.dttxt1
Size: 6KB - Virtual size: 6KB

.dttxt2
Size: 6KB - Virtual size: 6KB

.dttxt3
Size: 36KB - Virtual size: 36KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB