b05b732403ed69afd6b9200d7c9ebc70bf267b7f25f1011b6ba1c97e2befc309

Sharing

Copy URL Twitter E-mail

General

Target

b05b732403ed69afd6b9200d7c9ebc70bf267b7f25f1011b6ba1c97e2befc309
Size

216KB
MD5

cb21b8634406021b3a4b0606432038c4
SHA1

549457047ad838798a580d861c52bad2cc084c44
SHA256

b05b732403ed69afd6b9200d7c9ebc70bf267b7f25f1011b6ba1c97e2befc309
SHA512

0314f469c6d6f9d0e20e71ec91068d92d7b7176388d17f3c4b9a0d139169868f77cae10b5aa6e66e80535b6a778c48b3681411a0e2cea557931a9fe313d0bfb5
SSDEEP

3072:30JU36aiKzQMQfVO8EI9ltEBVHwVnzuXVkRRqRC+ho+y+wI:30JNahhQNT6TqKV/RC+w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b05b732403ed69afd6b9200d7c9ebc70bf267b7f25f1011b6ba1c97e2befc309

Files

b05b732403ed69afd6b9200d7c9ebc70bf267b7f25f1011b6ba1c97e2befc309
.exe windows:4 windows x86 arch:x86

f0291de02b0c8c7475394a83fe9fc8a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
CoUninitialize
CoInitializeEx
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoCreateInstance

kernel32

DeleteCriticalSection
lstrcpyA
GetCurrentProcess
OpenProcess
GetExitCodeProcess
GetExitCodeThread
DuplicateHandle
CloseHandle
Sleep
GetProcAddress
CreateEventA
GetCurrentThreadId
GetCurrentProcessId
HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
lstrlenA
GetWindowsDirectoryA
GetFileAttributesA
lstrcatA
CopyFileA
GetModuleFileNameA
DeleteFileA
WaitForSingleObject
CreateMutexA
ResumeThread
CreateThread
TerminateThread
FindResourceA
GetLocaleInfoA
lstrcpynA
LoadResource
InterlockedIncrement
InterlockedDecrement
GetSystemTimeAsFileTime
GetCommandLineA
SizeofResource
IsDBCSLeadByte
GetACP
MultiByteToWideChar
RaiseException
InterlockedExchange
GetLastError
SetLastError
GetThreadLocale
GetModuleHandleA
LoadLibraryExA
GetVersionExA
GlobalSize
GlobalAlloc
GlobalFree
CreateFileA
WriteFile
FindResourceExA
LockResource
LoadLibraryA
CreateDirectoryA
GetTempPathA
GetVolumeInformationA
GetLocalTime
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
GetThreadContext
SetThreadContext
CreateProcessA
FlushInstructionCache
GetShortPathNameA
VirtualProtectEx
WriteProcessMemory
SetFilePointer
SetFileTime
ReadFile
GetFileTime
TerminateProcess
Process32First
Process32Next
CreateToolhelp32Snapshot
VirtualFree
VirtualAlloc
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
GetFileAttributesExA
GetStartupInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
HeapReAlloc
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
IsBadWritePtr
HeapSize
GetOEMCP
GetCPInfo
RtlUnwind
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
LocalFree
EnterCriticalSection
lstrcmpiA
lstrlenW
LeaveCriticalSection
WideCharToMultiByte
InitializeCriticalSection
FreeLibrary
lstrcmpA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetTickCount
VirtualFreeEx

user32

MsgWaitForMultipleObjects
CharNextA
TranslateMessage
GetMessageA
SetTimer
IsChild
KillTimer
IsWindowEnabled
SetWinEventHook
wsprintfA
EnumWindows
GetWindowLongA
GetDesktopWindow
IsWindowVisible
GetWindowModuleFileNameA
GetWindowThreadProcessId
wvsprintfA
DispatchMessageA

advapi32

AdjustTokenPrivileges
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA

oleaut32

VarBstrCat
SysAllocStringByteLen
SysStringLen
VarUI4FromStr
SysFreeString
VariantInit
VariantClear
SysStringByteLen
SysAllocString
SysAllocStringLen

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 88KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f0291de02b0c8c7475394a83fe9fc8a5

Headers

File Characteristics

Imports

ole32

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 88KB - Virtual size: 98KB

.rsrc Size: 4KB - Virtual size: 512B

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 88KB - Virtual size: 98KB

.rsrc
Size: 4KB - Virtual size: 512B

.reloc
Size: 12KB - Virtual size: 9KB