be0b3ba988a20d55babdede4da4d4665

Sharing

Copy URL

Twitter E-mail

General

Target

be0b3ba988a20d55babdede4da4d4665
Size

268KB
MD5

be0b3ba988a20d55babdede4da4d4665
SHA1

0012b6e57c3e25b24510d2e853700023886688f0
SHA256

3f3dba748fdbf02d0b8eb7d91ac1d6290bb5deeb1aafff5ac0dd93fbee1a8a92
SHA512

a94106a050baccab6fe282e0182d68494ad589703b6243983b4f82bb31f575041e827c8b3f36526e478c95b2563c5daef8d06908339beb98e4ae4b93b82d8cc9
SSDEEP

6144:YZg95gX629XfrhgkhX3EP+/LMdhX3EP+/LMwasL9TM9u:T9L29vP9TW9T/a8TAu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be0b3ba988a20d55babdede4da4d4665

Files

be0b3ba988a20d55babdede4da4d4665
.exe windows:4 windows x86 arch:x86

0ae56b52a23a35b4bec31c4fd2a43bdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
FormatMessageA
GetVersionExA
FreeLibrary
LocalFree
RemoveDirectoryA
FindNextFileA
DeleteFileA
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcatA
GetUserDefaultLangID
FindFirstFileA
GetFullPathNameA
GetDriveTypeA
GetCurrentDirectoryA
GetTimeZoneInformation
CreateFileA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
GetStringTypeW
GetStringTypeA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FlushFileBuffers
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
WriteFile
ReadFile
HeapSize
HeapReAlloc
LCMapStringW
LCMapStringA
GetModuleFileNameA
GetPrivateProfileStringA
GlobalFree
FindClose
GetSystemDirectoryA
GetLastError
Sleep
GetCommandLineA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
RtlUnwind
GetStartupInfoA
GetModuleHandleA
MultiByteToWideChar
SetCurrentDirectoryA
ExitProcess
TerminateProcess
GetCurrentProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
WideCharToMultiByte
GetVersion
HeapFree
HeapAlloc
CloseHandle
GetCPInfo
GetACP
GetOEMCP

user32

RegisterClassA
SetForegroundWindow
ShowWindow
MessageBoxA
FindWindowA
LoadStringA
DestroyWindow
IsDialogMessageA
IsWindow
DispatchMessageA
TranslateMessage
wsprintfA
PeekMessageA
GetSysColor
SendDlgItemMessageA
ClientToScreen
SetWindowTextA
GetClientRect
EndDialog
InvalidateRect
GetDC
ReleaseDC
DefWindowProcA
DialogBoxParamA
CreateDialogParamA
SetDlgItemTextA
GetDlgItem
SendMessageA
PostQuitMessage
LoadIconA
LoadCursorA
GetMessageA
CreateWindowExA

gdi32

RealizePalette
SelectPalette
SetBrushOrgEx
UnrealizeObject
SetBkColor
SetTextColor
CreateSolidBrush
DeleteObject

advapi32

RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegQueryValueExA

comctl32

InitCommonControlsEx
ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��.3Fr
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0ae56b52a23a35b4bec31c4fd2a43bdb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

version

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 23KB

.rsrc Size: 96KB - Virtual size: 92KB

��.3Fr Size: 84KB - Virtual size: 84KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 23KB

.rsrc
Size: 96KB - Virtual size: 92KB

��.3Fr
Size: 84KB - Virtual size: 84KB