b8d808dec707371eb7c43c055bbac1a2

Sharing

Copy URL Twitter E-mail

General

Target

b8d808dec707371eb7c43c055bbac1a2
Size

190KB
MD5

b8d808dec707371eb7c43c055bbac1a2
SHA1

ec158713d282edcad9afd3d0bb82642fd509f876
SHA256

1ae8a0207e8a964057d09ebe6363af1a5a12d187f35487b14951f91b796b81fe
SHA512

956590b4f46f50ccb174272176382c033e14d82e7c1e655936518fb1866b196accaa1e4732b4dece7d8d5ef9d8bd9b40acb0c910ad4a308511e2e48b03b071a9
SSDEEP

3072:OTUCu0oBR2ccq4vU6lLiDKlczydKPCh1I9UMKkNpeqv1mxxd:OTUCudWtHUGiDUhdV12ekN4qvIxx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8d808dec707371eb7c43c055bbac1a2

Files

b8d808dec707371eb7c43c055bbac1a2
.exe windows:4 windows x86 arch:x86

7b2ba589715451128b644f815ce6859b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
OleFlushClipboard
OleUninitialize
CoRetireServer
CoInitialize
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoRevokeClassObject
CLSIDFromProgID
OleInitialize
OleIsCurrentClipboard
CoTaskMemFree
CoGetClassObject
CreateILockBytesOnHGlobal
CLSIDFromString

shlwapi

PathFileExistsW
PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
PathFindFileNameW
PathAppendW

user32

CharNextW
SendDlgItemMessageA
MessageBeep
RemovePropW
CopyAcceleratorTableW
CreateWindowExW
InvalidateRgn
CharUpperW
WinHelpW
GetNextDlgTabItem
SetPropW
RegisterWindowMessageW
GetPropW
SetRect
InvalidateRect
GetClassInfoExW
IsRectEmpty
GetNextDlgGroupItem
GetClassLongW
DestroyMenu

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetCalendarInfoW
GetModuleFileNameW
EnumResourceLanguagesW
RemoveDirectoryW
GetSystemDefaultLangID
MoveFileW
LocalFileTimeToFileTime
DeleteFileW
GetFileAttributesW
FindNextFileW
FindClose
InterlockedDecrement
WriteFile
CreateDirectoryW
GetCurrentDirectoryW
EnumResourceNamesA
ReadFile
SystemTimeToFileTime
ExitProcess
ConvertDefaultLocale
lstrcpyW
SetFileTime
GetCurrentProcessId
CreateFileW
GetVersion
FindFirstFileW
SetFilePointer
GetLocaleInfoW
LoadLibraryW
GetProcAddress

gdi32

GetBkColor
OffsetViewportOrgEx
GetStockObject
ExtSelectClipRgn
DeleteDC
TextOutW
SelectObject
ScaleViewportExtEx
SetWindowExtEx
RectVisible
ScaleWindowExtEx
GetDeviceCaps
GetTextColor
Escape
ExtTextOutW
PtVisible
GetMapMode
SetViewportOrgEx
GetRgnBox

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegDeleteKeyW
RegQueryValueW
RegEnumKeyW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b2ba589715451128b644f815ce6859b

Headers

File Characteristics

Imports

ole32

shlwapi

user32

kernel32

gdi32

shell32

advapi32

oleacc

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 80KB - Virtual size: 79KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 80KB - Virtual size: 79KB

.edata
Size: 1024B - Virtual size: 116KB