0ea3b490a5a1574bf795e8eaafe914981327aa26f3ca8641220dee5df14ea72a

Sharing

Copy URL

Twitter E-mail

General

Target

0ea3b490a5a1574bf795e8eaafe914981327aa26f3ca8641220dee5df14ea72a
Size

3.7MB
MD5

f7a5b0ec66976a2aa1471fbf7c4955cc
SHA1

fb6e2298999c9e7c523b5a6c9d71f4bbec0447c3
SHA256

0ea3b490a5a1574bf795e8eaafe914981327aa26f3ca8641220dee5df14ea72a
SHA512

c44b039229deda9795313f449928163e3401754093251389e7f687c31b5be35ac837ba9c579625ec8304cf3f72d9621e045e708c4627cff8ca26f5428c8de325
SSDEEP

49152:87C7JxwrBsL1YVVeQ2LWcZccgRgYr+Z0SY0SxmlrDoBls2RHZXOXB32Zf9YpYy8h:MkxwVs6VVeQ2xZccgRgYh2YIi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ea3b490a5a1574bf795e8eaafe914981327aa26f3ca8641220dee5df14ea72a

Files

0ea3b490a5a1574bf795e8eaafe914981327aa26f3ca8641220dee5df14ea72a
.dll windows:4 windows x86 arch:x86

87fb7eff12389ec2c1edfc10d3c7b77b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
FindFirstFileA
GlobalUnlock
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcpynA
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
GetFileAttributesA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetACP
HeapSize
TerminateProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
GetFileSize
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
LocalAlloc
lstrcmpA
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
InterlockedIncrement

user32

SetClipboardData
EmptyClipboard
GetSystemMetrics
GetCursorPos
MessageBoxA
SetWindowPos
SendMessageA
DestroyCursor
SetParent
OpenClipboard
PostMessageA
GetTopWindow
GetClipboardData
CloseClipboard
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
wsprintfA
IsWindow
DestroyMenu
IsChild
ReleaseDC
IsRectEmpty
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
InflateRect
SetRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
LoadIconA
TranslateMessage
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
SystemParametersInfoA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetClassInfoA
DefWindowProcA
GetMenu
SetMenu
PeekMessageA
IsIconic
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetClassNameA
GetDesktopWindow
UnregisterClassA
LoadStringA
GetSysColorBrush
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture

gdi32

GetClipBox
SetBkColor
CreateRectRgnIndirect
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBitmap
SelectObject
GetObjectA
CreatePen
PatBlt
CombineRgn
CreateRectRgn
FillRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
MoveToEx
LineTo
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn

winmm

midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

OleInitialize
OleUninitialize
CLSIDFromString

oleaut32

UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi

comctl32

ImageList_Destroy
ord17

ws2_32

recv
getpeername
accept
recvfrom
ioctlsocket
WSAAsyncSelect
closesocket
inet_ntoa
WSACleanup

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

Exports

Exports

AddCRCustomData
AdobeCrashReporterEnableSignalHandling
Crash
CrashReporterInitialize
DisableCRDunamisExitEventCapture
GenericLogImpl
GenericLogImplM
GetCRDialogOptions
GetCRLastErrorCode
GetCRReportSendPreference
GetPlatformInterface
HandledExceptionLog
HttpsDownloadFile
HttpsFreeMemory
HttpsGetWithResponse
InitCrashReporter
Initialize
LeaveBreadCrumbUserDefine
LogGetOutputLevel
LogSetOption
LogSetOutputLevel
OnetimeSendCrashReport
Pause
Resume
SendCRErrorEventToDunamis
SetAppExtraData
SetAppIntegrityLevelLow
SetCRDialogOptions
SetCRDialogScalingFactor
SetCRDialogUserEmail
SetCRDisplayName
SetCRHighbeamSessionId
SetCRHighbeamSessionInfo
SetCRIMSUserGuid
SetCRLocale
SetCRParentWnd
SetCRPostHandler
SetCRPostHandlerPassingExceptionInfoAndContext
SetCRPosthandlerThreadPreference
SetCRPreHandler
SetCRReportSendPreference
SetCRSessionNonGenuine
SetCRSignatureVerificationPreference
SetDunamisExitNormal
SetDunamisSessionId
SetDunamisSourceAppName
ShowCRDialogOnlyOnFirstCrash
ShowCRNativeDialogOnCrash
StopNCCrashReporter
TestCrash
UnityMain
UpdateAppVersion
UpdateServerProperty
hgeCreate
initialize
initializeWithCallback
sentry_add_breadcrumb
sentry_capture_event
sentry_clear_crashed_last_run
sentry_clear_modulecache
sentry_close
sentry_end_session
sentry_envelope_free
sentry_envelope_get_event
sentry_envelope_get_transaction
sentry_envelope_serialize
sentry_envelope_write_to_file
sentry_event_add_exception
sentry_event_add_thread
sentry_event_value_add_stacktrace
sentry_flush
sentry_free
sentry_get_crashed_last_run
sentry_get_modules_list
sentry_handle_exception
sentry_init
sentry_malloc
sentry_new_function_transport
sentry_options_add_attachment
sentry_options_add_attachmentw
sentry_options_free
sentry_options_get_auto_session_tracking
sentry_options_get_ca_certs
sentry_options_get_debug
sentry_options_get_dist
sentry_options_get_dsn
sentry_options_get_environment
sentry_options_get_http_proxy
sentry_options_get_max_breadcrumbs
sentry_options_get_max_spans
sentry_options_get_release
sentry_options_get_require_user_consent
sentry_options_get_sample_rate
sentry_options_get_shutdown_timeout
sentry_options_get_symbolize_stacktraces
sentry_options_get_traces_sample_rate
sentry_options_get_transport_thread_name
sentry_options_new
sentry_options_set_auto_session_tracking
sentry_options_set_backend
sentry_options_set_before_send
sentry_options_set_ca_certs
sentry_options_set_database_path
sentry_options_set_database_pathw
sentry_options_set_debug
sentry_options_set_dist
sentry_options_set_dsn
sentry_options_set_environment
sentry_options_set_handler_path
sentry_options_set_handler_pathw
sentry_options_set_http_proxy
sentry_options_set_logger
sentry_options_set_max_breadcrumbs
sentry_options_set_max_spans
sentry_options_set_on_crash
sentry_options_set_release
sentry_options_set_require_user_consent
sentry_options_set_sample_rate
sentry_options_set_shutdown_timeout
sentry_options_set_symbolize_stacktraces
sentry_options_set_system_crash_reporter_enabled
sentry_options_set_traces_sample_rate
sentry_options_set_transport
sentry_options_set_transport_thread_name
sentry_reinstall_backend
sentry_remove_context
sentry_remove_extra
sentry_remove_fingerprint
sentry_remove_tag
sentry_remove_user
sentry_sdk_name
sentry_sdk_user_agent
sentry_sdk_version
sentry_set_context
sentry_set_extra
sentry_set_fingerprint
sentry_set_level
sentry_set_span
sentry_set_tag
sentry_set_transaction
sentry_set_transaction_object
sentry_set_user
sentry_shutdown
sentry_span_finish
sentry_span_iter_headers
sentry_span_remove_data
sentry_span_remove_tag
sentry_span_set_data
sentry_span_set_status
sentry_span_set_tag
sentry_span_start_child
sentry_start_session
sentry_transaction_context_new
sentry_transaction_context_remove_sampled
sentry_transaction_context_set_name
sentry_transaction_context_set_operation
sentry_transaction_context_set_sampled
sentry_transaction_context_update_from_header
sentry_transaction_finish
sentry_transaction_iter_headers
sentry_transaction_remove_data
sentry_transaction_remove_tag
sentry_transaction_set_data
sentry_transaction_set_name
sentry_transaction_set_status
sentry_transaction_set_tag
sentry_transaction_start
sentry_transaction_start_child
sentry_transport_free
sentry_transport_new
sentry_transport_set_flush_func
sentry_transport_set_free_func
sentry_transport_set_shutdown_func
sentry_transport_set_startup_func
sentry_transport_set_state
sentry_unwind_stack
sentry_unwind_stack_from_ucontext
sentry_user_consent_get
sentry_user_consent_give
sentry_user_consent_reset
sentry_user_consent_revoke
sentry_uuid_as_bytes
sentry_uuid_as_string
sentry_uuid_from_bytes
sentry_uuid_from_string
sentry_uuid_is_nil
sentry_uuid_new_v4
sentry_uuid_nil
sentry_value_append
sentry_value_as_double
sentry_value_as_int32
sentry_value_as_string
sentry_value_decref
sentry_value_freeze
sentry_value_get_by_index
sentry_value_get_by_index_owned
sentry_value_get_by_key
sentry_value_get_by_key_owned
sentry_value_get_length
sentry_value_get_type
sentry_value_incref
sentry_value_is_frozen
sentry_value_is_null
sentry_value_is_true
sentry_value_new_bool
sentry_value_new_breadcrumb
sentry_value_new_double
sentry_value_new_event
sentry_value_new_exception
sentry_value_new_int32
sentry_value_new_list
sentry_value_new_message_event
sentry_value_new_null
sentry_value_new_object
sentry_value_new_stacktrace
sentry_value_new_string
sentry_value_new_thread
sentry_value_refcount
sentry_value_remove_by_index
sentry_value_remove_by_key
sentry_value_set_by_index
sentry_value_set_by_key
sentry_value_set_stacktrace
sentry_value_to_json
sentry_value_to_msgpack

Sections

.text
Size: 528KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.data
.rdata
.reloc
.rsrc/1028/string.txt
.rsrc/1029/string.txt
.rsrc/1031/string.txt
.rsrc/1033/DIALOG/103
.rsrc/1033/DIALOG/104
.rsrc/1033/DIALOG/105
.rsrc/1033/DIALOG/106
.rsrc/1033/DIALOG/107
.rsrc/1033/DIALOG/108
.rsrc/1033/DIALOG/111
.rsrc/1033/MANIFEST/1
.xml
.rsrc/1033/string.txt
.rsrc/1033/version.txt
.rsrc/1036/string.txt
.rsrc/1040/string.txt
.rsrc/1041/string.txt
.rsrc/1042/string.txt
.rsrc/1043/string.txt
.rsrc/1045/string.txt
.rsrc/1046/string.txt
.rsrc/1049/string.txt
.rsrc/1055/string.txt
.rsrc/2052/string.txt
.rsrc/29/string.txt
.rsrc/3076/string.txt
.rsrc/3082/string.txt
.text

Sharing

General

Malware Config

Signatures

Files

87fb7eff12389ec2c1edfc10d3c7b77b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Exports

Exports

Sections

.text Size: 528KB - Virtual size: 526KB

.rdata Size: 3.0MB - Virtual size: 3.0MB

.data Size: 72KB - Virtual size: 134KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 76KB - Virtual size: 75KB

.text
Size: 528KB - Virtual size: 526KB

.rdata
Size: 3.0MB - Virtual size: 3.0MB

.data
Size: 72KB - Virtual size: 134KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 76KB - Virtual size: 75KB