ade70518f7ac8416ed28bd33112ac17e

Sharing

Copy URL Twitter E-mail

General

Target

ade70518f7ac8416ed28bd33112ac17e
Size

604KB
MD5

ade70518f7ac8416ed28bd33112ac17e
SHA1

97a9e86feb3171ba30c0bc6be4968d04050a6a37
SHA256

a16bae0b09135f3767dad6481d4dffa8d9fb6ae5ac61819fca4f9fd258d4961c
SHA512

4e970fa56c1d353684a5f36767fc8a7948e8b75e01da771d0ab0578a04d5ee74a10351159288e9ced5f36b5a7ac0a87bb09811d4310b0aea61f3d80286eeed4b
SSDEEP

12288:uKJ5SawC+uEoWmJ/8E3hKud7JF0KESPI6jz8zYiUDJX:uWn+uE1M/yuHVlPIh0h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ade70518f7ac8416ed28bd33112ac17e

Files

ade70518f7ac8416ed28bd33112ac17e
.exe windows:4 windows x86 arch:x86

e56caf37b0e5aedf4c9f0aff17f4d1e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\pecie\obkk.pdb

Imports

user32

SubtractRect
GetMenu
FindWindowExW
DrawAnimatedRects
CreateIconIndirect
GetClassLongW
ActivateKeyboardLayout
LoadMenuIndirectA
CallMsgFilterW
GetMonitorInfoA
EndMenu
OpenWindowStationW
ShowWindow
EnumDesktopWindows
CreateWindowExA
CharLowerBuffW
DdeKeepStringHandle
OemToCharW
DdeAbandonTransaction
SwitchDesktop
SetMessageExtraInfo
DdeQueryConvInfo
GetQueueStatus
GetPropA
InsertMenuItemA
PaintDesktop
GetWindowTextA
GetTopWindow
wvsprintfW
UnloadKeyboardLayout
EnumDisplayDevicesA
CharPrevExA
GetAsyncKeyState
MapVirtualKeyExA
GetClassInfoW
GetGUIThreadInfo
SendNotifyMessageW
GetDialogBaseUnits
RegisterClassA
TranslateAcceleratorA
SetWindowTextW
GetMenuStringW
DefFrameProcW
LoadCursorFromFileA
TrackMouseEvent
PostThreadMessageA
SetScrollPos
CreateDialogIndirectParamA
CreateIcon
LoadMenuW
DefDlgProcA
MsgWaitForMultipleObjectsEx
LoadAcceleratorsW
WindowFromPoint
DrawStateA
GetNextDlgGroupItem
SetMenuItemBitmaps
BeginPaint
CharNextExA
SetWindowPlacement
SetWinEventHook
ClipCursor
CreateAcceleratorTableA
SetFocus
CascadeWindows
EndDeferWindowPos
SetMenuItemInfoA
GetTabbedTextExtentA
RegisterClassExA
PeekMessageW

comdlg32

PrintDlgW
GetOpenFileNameA

shell32

ExtractAssociatedIconExA
SHGetSpecialFolderLocation
ShellAboutW

comctl32

ImageList_SetOverlayImage
ImageList_EndDrag
InitCommonControlsEx
ImageList_SetFilter
CreatePropertySheetPage
ImageList_GetIconSize

kernel32

InitializeCriticalSection
GetOEMCP
CreateMutexA
HeapDestroy
GetModuleFileNameA
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualAlloc
GetStdHandle
OpenMutexA
LCMapStringW
GetCPInfo
FreeEnvironmentStringsA
InterlockedExchange
TlsFree
TlsGetValue
RtlUnwind
HeapFree
SetLastError
GetLastError
VirtualProtect
GetACP
LeaveCriticalSection
CompareStringW
IsValidLocale
GetStringTypeW
WriteFile
GetCurrentProcessId
GetModuleHandleA
GetNamedPipeHandleStateA
EnterCriticalSection
GetTimeFormatA
HeapSize
GetModuleFileNameW
ReadFile
VirtualQuery
IsValidCodePage
GetTimeZoneInformation
CompareStringA
GetDateFormatA
GetCurrentProcess
GetCommandLineA
SetEnvironmentVariableA
GetStringTypeA
SetFilePointer
GetCurrentThreadId
DeleteCriticalSection
SetStdHandle
GetCommandLineW
GetStartupInfoW
GetSystemInfo
CloseHandle
GetEnvironmentStringsW
HeapCreate
LCMapStringA
MultiByteToWideChar
GetVersionExA
VirtualFree
GetFileType
SetHandleCount
WideCharToMultiByte
EnumSystemLocalesA
FlushFileBuffers
LoadLibraryA
GetUserDefaultLCID
FreeEnvironmentStringsW
HeapAlloc
ExitProcess
HeapReAlloc
GetLocaleInfoW
ExitThread
GetTickCount
UnhandledExceptionFilter
TlsSetValue
TerminateProcess
GetLocaleInfoA
GlobalLock
TlsAlloc
GetStartupInfoA
GetEnvironmentStrings
GetProcAddress
IsBadWritePtr
GetCurrentThread

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e56caf37b0e5aedf4c9f0aff17f4d1e8

Headers

File Characteristics

PDB Paths

Imports

user32

comdlg32

shell32

comctl32

kernel32

Sections

.text Size: 212KB - Virtual size: 211KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 112KB - Virtual size: 124KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 212KB - Virtual size: 211KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 112KB - Virtual size: 124KB

.rsrc
Size: 16KB - Virtual size: 15KB