0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee

Sharing

Copy URL Twitter E-mail

General

Target

0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee
Size

4.3MB
MD5

9acaab883fea1da9e4fcbebeb389040f
SHA1

9cad9033d75a92cc2e063111ad526768f697019f
SHA256

0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee
SHA512

e000ba298721c8e9f838420fd2f76aba1b00b161edbc2e14585795fc83364ba21f04ea8e3d38dca43450f86116e537bdb58b4385d606feed6a2f60975b467c54
SSDEEP

98304:LF0XEk/vJPeSBHoIXBhycV9lUX+qcJxzrWLtJTmePv3HOc5WVWnP84kMNmS:LEEy82oIXhEX/qOLqe3SWnZkMX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee

Files

0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee
.exe windows:4 windows x86 arch:x86

0ad098e4807773be743e209166ff46f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
GetModuleFileNameA
GetFileSize
CreateFileA
GetTickCount
GetEnvironmentVariableA
DeleteFileA
MoveFileA
WriteFile
GetStdHandle
ReadConsoleA
GetVersionExA
FreeLibrary
LoadLibraryA
LCMapStringA
GetProcessHeap
SetConsoleMode
ReadConsoleInputA
FlushFileBuffers
SetStdHandle
LCMapStringW
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
SetFilePointer
Sleep
GetExitCodeProcess
ReadFile
PeekNamedPipe
CloseHandle
CreateProcessW
CreatePipe
MultiByteToWideChar
lstrcpyn
GetProcAddress
IsBadReadPtr
GetModuleHandleA
GlobalSize
GetConsoleMode
GetStartupInfoA
GetCommandLineA
GetVersion
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
GetCPInfo
GetACP
GetOEMCP
SetUnhandledExceptionFilter
IsBadCodePtr

user32

PeekMessageA
CreateDialogIndirectParamA
UpdateWindow
GetMessageA
SendMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
PostQuitMessage
SetWindowTextA
GetDlgItem
ShowWindow
SetWindowLongA
GetWindowRect
ScreenToClient
SetWindowPos
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
wsprintfA
MessageBoxA
CallWindowProcA
WaitForInputIdle

advapi32

RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegCreateKeyA

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0ad098e4807773be743e209166ff46f0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4.2MB - Virtual size: 4.2MB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4.2MB - Virtual size: 4.2MB