b75cf0e97b163cbb9ad483ef9f4d4348

Sharing

Copy URL Twitter E-mail

General

Target

b75cf0e97b163cbb9ad483ef9f4d4348
Size

500KB
MD5

b75cf0e97b163cbb9ad483ef9f4d4348
SHA1

1a589fc41d68c8c55ac938a762d19d5e81bfce50
SHA256

2ee344153863d93e6ff67cf986373440fc334f17d7419a40f22b6862593d82ed
SHA512

a37045349ef1d384e2796773914c1d821e81c02fbb61c0a36301ae56a1399cd32b4a00af77cb851a3c8f93fa1420232ff5d4482b967c393073c6ecf0d706f370
SSDEEP

12288:J7WZkrI0tiHc+lcgXyhN/xk8aWaseZDwK0p/qVO5HMc/OmAgunjSaXzgpPjEZ0WI:JukUxxlcdw8WDwK0p/qVO5HMc/OmAguC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b75cf0e97b163cbb9ad483ef9f4d4348

Files

b75cf0e97b163cbb9ad483ef9f4d4348
.exe windows:4 windows x86 arch:x86

a213ee9d1a2c9504810475369a73359f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\msoaa\eoseutea\kxjawpl

Imports

shell32

SHBrowseForFolderW
CommandLineToArgvW
SHAddToRecentDocs
ShellExecuteEx
SHGetSpecialFolderLocation

comdlg32

PageSetupDlgA
FindTextW

kernel32

GlobalHandle
EnumDateFormatsW
SetConsoleScreenBufferSize
SetEnvironmentVariableA
FindFirstFileExW
SetHandleCount
GetCurrentThreadId
CreateProcessW
InterlockedIncrement
RemoveDirectoryW
GetProcAddress
TlsSetValue
OpenMutexA
SetTimeZoneInformation
GetModuleFileNameA
GetLocaleInfoA
EnumResourceLanguagesW
WriteProfileSectionA
VirtualFree
LeaveCriticalSection
FlushViewOfFile
GetSystemDirectoryW
GetLocaleInfoW
GetDateFormatA
GlobalLock
HeapCreate
GetTempPathW
GetStdHandle
CreateMailslotA
GetOEMCP
GetConsoleScreenBufferInfo
GetStartupInfoA
WritePrivateProfileStringW
WriteConsoleW
EnumSystemLocalesA
GetConsoleCP
ReadConsoleW
CreateFileA
SetStdHandle
GetCurrentThread
InterlockedExchange
VirtualAlloc
MoveFileExA
CreateWaitableTimerA
ExitProcess
GetTickCount
lstrcmp
SetConsoleActiveScreenBuffer
GetProcessHeap
ReadFile
GetDateFormatW
GlobalFree
HeapReAlloc
OpenWaitableTimerW
TlsGetValue
GetCommandLineA
CompareStringA
GetCurrentProcessId
GetCompressedFileSizeW
LocalShrink
GetACP
GetProfileStringW
FreeEnvironmentStringsA
ContinueDebugEvent
GetUserDefaultLCID
GetCommandLineW
GetStartupInfoW
LoadLibraryA
UnhandledExceptionFilter
Sleep
GetEnvironmentStrings
DebugActiveProcess
GetStringTypeA
TlsAlloc
FlushFileBuffers
GetAtomNameW
SetConsoleCtrlHandler
GetEnvironmentStringsW
IsValidLocale
GlobalGetAtomNameW
GetComputerNameW
WriteFile
RtlUnwind
GetLastError
GetSystemTimeAsFileTime
CreateMutexA
CloseHandle
GetPrivateProfileIntW
HeapDestroy
GetModuleFileNameW
SetLastError
GetTempPathA
WriteConsoleOutputCharacterW
GetDriveTypeW
WaitForMultipleObjects
HeapLock
VirtualQuery
GetCurrentProcess
IsDebuggerPresent
GetPrivateProfileStringA
GetConsoleOutputCP
WriteProfileSectionW
HeapAlloc
GetTimeZoneInformation
InitializeCriticalSection
TryEnterCriticalSection
GetDiskFreeSpaceExA
GetVersionExA
GetLongPathNameW
GetStringTypeW
EnumDateFormatsA
IsValidCodePage
WideCharToMultiByte
SetConsoleTextAttribute
SetConsoleWindowInfo
LCMapStringA
FreeLibrary
FreeEnvironmentStringsW
SetFilePointer
GetConsoleMode
OpenSemaphoreA
HeapFree
GetCPInfo
CompareStringW
GetTimeFormatA
TerminateProcess
MultiByteToWideChar
GetFileType
LCMapStringW
EnterCriticalSection
WriteConsoleA
GetModuleHandleA
DeleteCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
HeapSize
TlsFree
InterlockedDecrement
ReadFileEx

user32

GetScrollRange
DdeFreeDataHandle
RegisterClassExA
CreateWindowExA
ShowWindow
EnableMenuItem
GetForegroundWindow
GetTabbedTextExtentW
DefWindowProcW
ShowCaret
OpenInputDesktop
DdeQueryStringA
AnyPopup
CloseWindow
RegisterClassA
MessageBoxA
SetClipboardViewer
SendInput
LoadCursorA
DrawTextExA
GetWindowTextLengthA
SetScrollInfo
DestroyWindow

gdi32

GetKerningPairsW
PolyPolygon
DeleteObject
SetDIBitsToDevice
Pie
Chord
GetObjectW
SetMapMode
GdiSetBatchLimit
SetDeviceGammaRamp
GetTextExtentExPointA
DeleteDC
GetDeviceCaps
GetPixel
PolyBezier
CreateDCA

comctl32

ImageList_DrawIndirect
ImageList_LoadImageA
InitCommonControlsEx
CreateStatusWindow
CreateToolbar
ImageList_SetIconSize
CreatePropertySheetPageW
ImageList_DragMove
ImageList_GetImageRect
DrawInsert
ImageList_Draw
CreateToolbarEx
CreatePropertySheetPage
ImageList_GetDragImage
ImageList_LoadImage
ImageList_GetFlags
ImageList_SetFilter
ImageList_DragLeave
ImageList_GetBkColor
DrawStatusTextW
ImageList_GetImageCount
ImageList_SetOverlayImage
ImageList_EndDrag
CreateUpDownControl
_TrackMouseEvent

wininet

InternetCloseHandle
SetUrlCacheEntryGroupA
FtpDeleteFileA
InternetGetConnectedStateEx
InternetTimeFromSystemTimeA
InternetSetOptionW
FtpCommandA
CreateUrlCacheContainerW

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a213ee9d1a2c9504810475369a73359f

Headers

File Characteristics

PDB Paths

Imports

shell32

comdlg32

kernel32

user32

gdi32

comctl32

wininet

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 128KB - Virtual size: 127KB

.data Size: 108KB - Virtual size: 113KB

.rsrc Size: 108KB - Virtual size: 104KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 128KB - Virtual size: 127KB

.data
Size: 108KB - Virtual size: 113KB

.rsrc
Size: 108KB - Virtual size: 104KB