0ee8d26c8c2c6dad15eb0f3d7ae4e6b5193434c651bc65830458bcaec1455e71

Sharing

Copy URL Twitter E-mail

General

Target

0ee8d26c8c2c6dad15eb0f3d7ae4e6b5193434c651bc65830458bcaec1455e71
Size

10.2MB
MD5

90bbfa62d1694c54b3dc68c71bbc2348
SHA1

947a62e2a68275d5cc1e23e7ca1c8655c9b51ea0
SHA256

0ee8d26c8c2c6dad15eb0f3d7ae4e6b5193434c651bc65830458bcaec1455e71
SHA512

f2b0164f83e7836198af21b14f511acde3d0d7309fff948e3f1451558dcf7c0c3bb6e7542f48ade1149233fb4f18f9341effa59aca57ca076cd0027c438871d3
SSDEEP

3072:/OAm+nhizNcAssReaTufTNdFWiTCV9Op8r4VlAIRT2eC4FCYKXhApkXdZRpDGGU1:/B3aPb4lAqtoxdRpCGUzKV9g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ee8d26c8c2c6dad15eb0f3d7ae4e6b5193434c651bc65830458bcaec1455e71

Files

0ee8d26c8c2c6dad15eb0f3d7ae4e6b5193434c651bc65830458bcaec1455e71
.dll windows:4 windows x86 arch:x86

0b0c63422624d0fd8e6b4a44484d5bbe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
MapViewOfFile
UnmapViewOfFile
MultiByteToWideChar
SetLastError
OpenFileMappingA
VirtualFree
IsBadReadPtr
QueryPerformanceFrequency
ExitThread
InterlockedExchange
OpenEventA
OpenMutexA
WaitForSingleObject
SetEvent
ReleaseMutex
GetSystemDirectoryA
CreateFileMappingA
VirtualProtect
VirtualQuery
GetExitCodeThread
GetLastError
ResumeThread
InterlockedCompareExchange
GetThreadContext
SetThreadContext
SuspendThread
WriteFile
SetFilePointer
lstrcatA
lstrcpyA
FreeLibrary
FlushFileBuffers
SetStdHandle
ReadFile
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
TlsFree
GetCurrentThread
Sleep
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
GetProcAddress
GetCurrentProcessId
CloseHandle
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
CreateThread
TlsSetValue
TlsGetValue
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
RaiseException
ExitProcess
TerminateProcess
HeapSize
TlsAlloc

user32

TranslateAcceleratorA
GetForegroundWindow
GetWindow
CopyIcon
GetWindowTextA
EnumWindows
ScreenToClient
IsIconic
GetWindowPlacement
GetKeyState
SystemParametersInfoA
GetFocus
GetActiveWindow
GetCursorPos
GetWindowThreadProcessId
CallWindowProcA
CallNextHookEx
GetWindowRect
GetClassLongW
GetClassLongA
SetWindowLongW
SetWindowLongA
DefWindowProcA
GetClientRect
ClientToScreen
GetAsyncKeyState
ReleaseCapture
MapVirtualKeyA
SetFocus
TranslateMessage
DestroyCursor
GetIconInfo
IsWindowUnicode
GetWindowLongA
GetWindowLongW
SendMessageTimeoutA
PostMessageA
SendMessageA
GetMessageTime
DrawIcon
GetDC
ReleaseDC
GetParent
IsWindow
SetCursorPos

gdi32

DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetBkColor
ExtTextOutA
DeleteDC
GetObjectA
GetDIBits

Exports

Exports

Init
User32SetWindowLongA
User32SetWindowLongW

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b0c63422624d0fd8e6b4a44484d5bbe

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 20KB - Virtual size: 98KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 20KB - Virtual size: 98KB

.reloc
Size: 12KB - Virtual size: 11KB