0bac204fce10180071ce4f2df9a993f260630fc5735ca49bd1768232b7233ac7

Sharing

Copy URL Twitter E-mail

General

Target

0bac204fce10180071ce4f2df9a993f260630fc5735ca49bd1768232b7233ac7
Size

527KB
MD5

ba20dc099780cf42faee7c0f235ff317
SHA1

a0ff9ce97de0278a6190f695b87940e4766dcb3b
SHA256

0bac204fce10180071ce4f2df9a993f260630fc5735ca49bd1768232b7233ac7
SHA512

d6f3d1d6c9e7b775d7eed9b2963986c5eb2c5b38bb796f5a28c1a9b6c702defb807e21ddab9be1e425b1fd2a7b76a5d97f8a12a9cab1d6af4d2711a2770fba78
SSDEEP

12288:lEglr2zBl8cLHssEsZfsMrTkrfLBDLOpWnyPcl1v/RM4t1hg:lfB6BvBsAEfLBDLmWnyPy1H9fh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bac204fce10180071ce4f2df9a993f260630fc5735ca49bd1768232b7233ac7

Files

0bac204fce10180071ce4f2df9a993f260630fc5735ca49bd1768232b7233ac7
.exe windows:4 windows x86 arch:x86

dc494f1db461f4b2a926c452be586eb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
QueryPerformanceCounter
GetNumberOfConsoleInputEvents
ReadConsoleInputA
Sleep
GetStdHandle
AllocConsole
CreateEventA
GetCurrentDirectoryA
GlobalMemoryStatus
GlobalFree
GlobalUnlock
GlobalLock
FreeConsole
CloseHandle
SetEvent
WaitForMultipleObjects
MapViewOfFile
UnmapViewOfFile
GetConsoleScreenBufferInfo
ReadConsoleOutputCharacterA
WriteConsoleInputA
SetConsoleWindowInfo
SetConsoleScreenBufferSize
GetLargestConsoleWindowSize
DeleteFileA
GlobalAlloc
WriteFile
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
GetStringTypeA
RtlUnwind
HeapCreate
FlushFileBuffers
GetFileType
SetHandleCount
ReadFile
SetFilePointer
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
QueryPerformanceFrequency
GetVersionExA
VirtualProtect
SetEndOfFile
CreateFileA
HeapFree
GetLastError
CreateDirectoryA
ExitProcess
GetProcAddress
HeapAlloc

user32

SetCapture
GetCursorPos
CreateWindowExA
AdjustWindowRectEx
DispatchMessageA
TranslateMessage
PeekMessageA
MessageBoxA
GetMessageA
MsgWaitForMultipleObjects
SetWindowPos
GetSystemMetrics
SendMessageA
UpdateWindow
ShowWindow
ShowCursor
ReleaseDC
MoveWindow
SetForegroundWindow
DestroyWindow
DefWindowProcA
ChangeDisplaySettingsA
PostQuitMessage
RegisterWindowMessageA
ReleaseCapture
SystemParametersInfoA
SetCursorPos
LoadCursorA
ClipCursor
LoadIconA
GetDC
EnumDisplaySettingsA
RegisterClassA

gdi32

GetDeviceCaps
ChoosePixelFormat
SwapBuffers
SetPixelFormat

opengl32

glBegin
glColor4f
glBindTexture
glVertex3fv
glTexCoord2f
glShadeModel
glTexEnvf
glColor4ub
glColor3ub
glColor3fv
glTexSubImage2D
glColor3f
glTexParameterf
glReadPixels
glVertex2f
glClear
glClearColor
glTexImage2D
glOrtho
glLoadIdentity
glMatrixMode
glViewport
wglGetProcAddress
glBlendFunc
glEnable
glDepthMask
wglGetCurrentDC
wglGetCurrentContext
wglCreateContext
glDisableClientState
glEnableClientState
glColor4ubv
glTexCoord2fv
glVertex3f
glFogfv
glFogf
glFogi
glAlphaFunc
glCullFace
glGetString
glDepthRange
glFrustum
glGetFloatv
glTranslatef
glRotatef
glDepthFunc
glColor4fv
glReadBuffer
glDrawBuffer
glEnd
wglDeleteContext
glDeleteTextures
wglMakeCurrent
glDisable
glFinish

winmm

mciSendCommandA
waveOutUnprepareHeader
waveOutReset
waveOutClose
joyGetDevCapsA
waveOutPrepareHeader
waveOutOpen
joyGetNumDevs
joyGetPosEx
waveOutWrite

wsock32

ioctlsocket
inet_addr
htonl
ntohs
bind
htons
WSASetBlockingHook
WSAUnhookBlockingHook
ntohl
WSACancelBlockingCall

comctl32

ord17

Sections

.text
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 14.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc494f1db461f4b2a926c452be586eb4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

opengl32

winmm

wsock32

comctl32

Sections

.text Size: 368KB - Virtual size: 368KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 75KB - Virtual size: 14.8MB

.idata Size: 5KB - Virtual size: 4KB

.reloc Size: 73KB - Virtual size: 73KB

.text
Size: 368KB - Virtual size: 368KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 75KB - Virtual size: 14.8MB

.idata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 73KB - Virtual size: 73KB