c8e3106a296c87389117f41c05bdffe6

Sharing

Copy URL Twitter E-mail

General

Target

c8e3106a296c87389117f41c05bdffe6
Size

548KB
MD5

c8e3106a296c87389117f41c05bdffe6
SHA1

a16132d4716a1ad13ee081b8fdc17be9d5187100
SHA256

3e634e73751a34d93adbdf00ffbe1d9c50e70f420514b3173e2e978eafd3febf
SHA512

d6a8d56a1864cfaaa4c508de818c5d74fe73cb1e548690984981d1a8ed58e59163f3a9f8ba54801c5d9420a6e967d02b28f6b8668e620de231a68f11bada1387
SSDEEP

12288:CDpqSJXvPB33SVm0ttbmfR1FAnFXLkXgqumFHgpUD7:C/1pSVfmfFiLEApUD7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8e3106a296c87389117f41c05bdffe6

Files

c8e3106a296c87389117f41c05bdffe6
.exe windows:4 windows x86 arch:x86

3ffe454cf8561511866be4715b933542

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\ofh.pdb

Imports

kernel32

CommConfigDialogW
GlobalDeleteAtom
TlsSetValue
GetSystemInfo
GetProfileSectionA
OutputDebugStringW
GetLocaleInfoW
HeapReAlloc
IsValidCodePage
GetStartupInfoA
TerminateProcess
SetHandleCount
CreateDirectoryA
IsBadWritePtr
GetCurrencyFormatW
GetStartupInfoW
WriteProfileSectionW
LoadLibraryA
CompareStringW
SetLastError
lstrcatW
VirtualLock
LeaveCriticalSection
GetACP
SetSystemTime
TlsFree
GetStdHandle
lstrlenW
DebugBreak
GetProcessShutdownParameters
DeleteCriticalSection
GetTickCount
GetFileType
GetEnvironmentVariableA
InterlockedExchange
HeapFree
GetEnvironmentStringsW
EnumSystemLocalesA
GetModuleFileNameA
SetConsoleWindowInfo
VirtualAlloc
CreateDirectoryExW
GetStringTypeW
GetCommandLineW
GetCPInfo
IsValidLocale
ReleaseMutex
GetConsoleTitleW
FlushFileBuffers
GetCommandLineA
ReadFile
GetLocaleInfoA
WriteConsoleA
WritePrivateProfileSectionW
VirtualQuery
HeapAlloc
GetDateFormatA
FoldStringA
SetStdHandle
LocalFlags
GetModuleHandleA
WriteFile
CreateMutexA
GlobalAlloc
ContinueDebugEvent
GetEnvironmentStrings
EnterCriticalSection
SetFileAttributesA
TlsAlloc
GetSystemDirectoryA
GetVolumeInformationW
GetVersionExA
VirtualProtect
SetEnvironmentVariableA
CreateSemaphoreW
SetWaitableTimer
SetLocaleInfoW
HeapDestroy
TlsGetValue
LCMapStringW
CompareStringA
CreateDirectoryW
UnhandledExceptionFilter
InitializeCriticalSection
GetUserDefaultLCID
GetTempPathW
SetComputerNameA
CloseHandle
FreeEnvironmentStringsW
GlobalCompact
QueryPerformanceCounter
GetCurrentProcess
GetProfileIntW
GetLastError
GlobalLock
GetFileAttributesExW
FindNextChangeNotification
RtlUnwind
GlobalSize
GetOEMCP
GetSystemTimeAsFileTime
GetCurrentThread
WideCharToMultiByte
GetTimeFormatA
MultiByteToWideChar
GetTempFileNameA
GetTimeZoneInformation
WriteConsoleOutputAttribute
RemoveDirectoryA
GetProcAddress
GetPriorityClass
ExitProcess
OpenMutexA
CreateToolhelp32Snapshot
SetFilePointer
LocalLock
VirtualFree
HeapSize
GetStringTypeA
WriteConsoleW
HeapCreate
FindFirstFileA
GetCurrentProcessId
EnumResourceTypesW
FreeEnvironmentStringsA
GetCurrentThreadId
FoldStringW
LCMapStringA
IsDebuggerPresent
GetAtomNameA
AddAtomA
GetModuleFileNameW
GetCompressedFileSizeW
FlushViewOfFile
lstrcmpiA

user32

GetFocus
IsZoomed
GetMessageW
DlgDirListComboBoxW
MapVirtualKeyExA
AnimateWindow
IntersectRect
MessageBeep
CreateWindowStationW
CloseWindow
DestroyIcon
SetDeskWallpaper
WINNLSGetIMEHotkey
LoadBitmapW
GetListBoxInfo
MapVirtualKeyA
UnhookWindowsHook
SetWindowRgn
RegisterClassA
ShowCursor
ExcludeUpdateRgn
ChangeMenuW
CopyIcon
GetMenuItemInfoA
MoveWindow
DdePostAdvise
DdeQueryStringA
SetWindowsHookA
RegisterClassExA
DrawFrameControl
IsCharAlphaA
ShowWindow
GetMenuBarInfo
GetInputDesktop
DdeUninitialize
ValidateRect
LoadAcceleratorsA
RemoveMenu
DrawAnimatedRects
ToAscii
SetTimer
CreateWindowExA
DestroyWindow
DefWindowProcA
EnumWindows
MapVirtualKeyW
GetMenuInfo
DrawIconEx
DispatchMessageA
EnumDesktopWindows
IsWindowUnicode
WinHelpA
FlashWindowEx
MessageBoxA
DdeInitializeA
ChangeMenuA
GetSystemMenu
DdeQueryConvInfo
GetMenuItemRect
GetMenuState

shell32

ExtractIconA
CommandLineToArgvW
RealShellExecuteExA

comctl32

ImageList_Merge
ImageList_GetDragImage
CreateUpDownControl
CreateToolbar
CreatePropertySheetPage
_TrackMouseEvent
ImageList_Create
ImageList_AddIcon
InitCommonControlsEx
CreateStatusWindowW
ImageList_Copy
ImageList_GetImageInfo
DrawStatusTextW
InitMUILanguage
ImageList_GetImageRect
DrawStatusTextA
ImageList_BeginDrag
ImageList_LoadImageA
ImageList_Read
ImageList_ReplaceIcon
CreateStatusWindowA

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ffe454cf8561511866be4715b933542

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

comctl32

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 116KB - Virtual size: 136KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 116KB - Virtual size: 136KB

.rsrc
Size: 12KB - Virtual size: 8KB