f0b65c94e0d63be8cac1ee0128e028394ccf1283afa743132254f47e45a2fcd9

Sharing

Copy URL Twitter E-mail

General

Target

f0b65c94e0d63be8cac1ee0128e028394ccf1283afa743132254f47e45a2fcd9
Size

179KB
MD5

c9638af2c2a2c23da67538f197fa8075
SHA1

8d5b08fc79bac6ad79d21fde81b4895d466ae5e2
SHA256

f0b65c94e0d63be8cac1ee0128e028394ccf1283afa743132254f47e45a2fcd9
SHA512

485daaab43b5a7d49ef416b2e405a4c49b240096ef396af1e5741668877ddf954b85a2dfa5d16733399582331f55967970b5a267653a9e2e82be7fd5c56b3edc
SSDEEP

3072:DW/idcImhSNDNY8DDjgCIjEIv2b2SXcsNYNSBrPcLXMBfXk7Mae:C/idyE5YeDjgjj5vEc4YocLcJk7M3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0b65c94e0d63be8cac1ee0128e028394ccf1283afa743132254f47e45a2fcd9

Files

f0b65c94e0d63be8cac1ee0128e028394ccf1283afa743132254f47e45a2fcd9
.exe windows:6 windows x86 arch:x86

d325640621fa45d28af5fe2109a108c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

GetUserNameA
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

kernel32

CloseHandle
CreateFileA
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadTimes
GetTickCount
GetVersionExA
GetWindowsDirectoryA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
ReadFile
SetConsoleMode
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WriteFile

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_exit
_fmode
_initterm
_iob
_lock
_onexit
_snwprintf
_vsnprintf
calloc
exit
fclose
fflush
fgetc
fgets
fopen
fprintf
fputc
fputs
fread
free
fwprintf
fwrite
getenv
isspace
isxdigit
malloc
memchr
memcmp
memcpy
memmove
memset
putchar
puts
raise
realloc
signal
sprintf
sscanf
strchr
strcmp
strcpy
strcspn
strlen
strncmp
strncpy
strspn
strtol
strtoul
_unlock
abort
atoi
tolower
ungetc
vfprintf
wcscpy
_strdup

user32

GetCapture
GetClipboardOwner
GetCursorPos
GetForegroundWindow
GetQueueStatus
MessageBoxW

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d325640621fa45d28af5fe2109a108c0

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 141KB - Virtual size: 141KB

.data Size: 1024B - Virtual size: 876B

.rdata Size: 27KB - Virtual size: 27KB

.bss Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 141KB - Virtual size: 141KB

.data
Size: 1024B - Virtual size: 876B

.rdata
Size: 27KB - Virtual size: 27KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 4KB - Virtual size: 3KB