0b56675a3f02363efb758765b4ab1c2e70f306c28c9edc0e8f296cd7eb991eabN

Sharing

Copy URL

Twitter E-mail

General

Target

0b56675a3f02363efb758765b4ab1c2e70f306c28c9edc0e8f296cd7eb991eabN
Size

217KB
MD5

849eea866f831753fec014e1099f7e70
SHA1

870eee8830e93e763aeb7ec716d669fed4815b8a
SHA256

0b56675a3f02363efb758765b4ab1c2e70f306c28c9edc0e8f296cd7eb991eab
SHA512

678645cd6a6a2b95fded9e304331da185043d5d1835a106e60599089efe6cb8a9faf4dd868ed2b65b6aa6ff7d18db1c8d95643a0a3aa1ed33339af15b700c563
SSDEEP

6144:rnyiqVQBf0EaIp8fkTJJsK1eEzEB1XjrkXb5:kEdp8csKpE7XXo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b56675a3f02363efb758765b4ab1c2e70f306c28c9edc0e8f296cd7eb991eabN

Files

0b56675a3f02363efb758765b4ab1c2e70f306c28c9edc0e8f296cd7eb991eabN
.exe windows:4 windows x86 arch:x86

752e1ad839fdd9d87e202c92c2bee710

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
EnumDateFormatsW
GetLogicalDrives
lstrlen
lstrcpynW
GetDateFormatW
GetEnvironmentStringsW
GetVersionExA
SetThreadPriority
LocalAlloc
GetAtomNameA
GetShortPathNameW
LoadLibraryA
GetWindowsDirectoryW
GetEnvironmentVariableA
AddAtomA
GetDiskFreeSpaceA
GlobalFindAtomA
GetModuleFileNameA
GetHandleInformation
GetModuleHandleA
CompareFileTime
MoveFileA
SearchPathW
GetLogicalDriveStringsA
SetPriorityClass
OpenProcess
FatalAppExitA
GetLongPathNameW
IsValidCodePage
IsDebuggerPresent
lstrcmpW
GetProcAddress
SetCurrentDirectoryA
GetShortPathNameA
LoadLibraryW
SetErrorMode
RaiseException
EndUpdateResourceA

user32

GetWindowRgn
GetMenuItemInfoA
GetClassInfoA
GetMenu
LoadMenuIndirectW
UpdateWindow
ClientToScreen
WaitMessage
FrameRect
ArrangeIconicWindows
CreatePopupMenu
GetMenuStringA
MessageBoxIndirectW
RegisterClassExA
WaitForInputIdle
CreateDialogIndirectParamW
FlashWindow
GetMenuItemInfoW
EnumDesktopsW
IsChild
EmptyClipboard
CreateDialogParamW
EnumDesktopsA
DialogBoxIndirectParamA
EndDialog
CharNextW
DefDlgProcW
IsWindow
DrawTextW
PeekMessageA
GetWindowRect
ReleaseDC

gdi32

GetPath
CreateSolidBrush
GetRgnBox
SetMiterLimit
SetBrushOrgEx
GetMetaRgn
GetDeviceGammaRamp
GetDeviceCaps
FrameRgn
CreateFontIndirectA
OffsetClipRgn
GetCharWidth32A
AnimatePalette
SetDCBrushColor
UpdateICMRegKeyA
SetLayout
FillRgn
CreateMetaFileA
PtVisible
GetEnhMetaFilePaletteEntries
ExtEscape
EndPath
GetClipBox

advapi32

RegReplaceKeyW
RegCreateKeyExW
RegSaveKeyW
RegEnumValueA
RegDeleteValueW
RegQueryValueExW
RegEnumKeyW
RegReplaceKeyA
RegRestoreKeyW
RegSetValueW

shlwapi

SHSkipJunction
UrlCanonicalizeA
DllGetVersion
PathIsPrefixA
PathParseIconLocationA

wininet

InternetSetPerSiteCookieDecisionW
InternetSetOptionW
InternetSetCookieW
FindNextUrlCacheContainerA
FindFirstUrlCacheEntryW
InternetWriteFileExW
CreateUrlCacheContainerA
FtpCommandA
InternetCanonicalizeUrlW
InternetAutodial
GopherCreateLocatorW
InternetSetOptionExA
DeleteIE3Cache
HttpEndRequestW
InternetCrackUrlW
FtpSetCurrentDirectoryA

winspool.drv

QuerySpoolMode
AddPrinterW
OpenPrinterW
GetDefaultPrinterW
DocumentPropertiesW
AddPortExA
AbortPrinter
SetPrinterDataA
SetPrinterW

inetcomm

MimeEditDocumentFromStream
HrDoAttachmentVerb
MimeOleGetFileInfo
MimeOleCreateHashTable
MimeGetAddressFormatW
MimeOleSMimeCapsToDlg
MimeOleAlgStrengthFromSMimeCap
CreateNNTPTransport

oledlg

OleUIChangeSourceA
OleUIPasteSpecialW
OleUIUpdateLinksW
OleUIPromptUserW
OleUIObjectPropertiesW
OleUIConvertA
OleUIChangeSourceW
OleUIAddVerbMenuW
OleUIInsertObjectW

wsock32

WSAAsyncGetProtoByNumber
recv
htons
AcceptEx
recvfrom
GetAcceptExSockaddrs
WSAStartup
rexec
TransmitFile
gethostbyname

crypt32

CertNameToStrW
CertGetValidUsages
CertGetEnhancedKeyUsage
CertAddCertificateContextToStore
CryptSIPRemoveProvider
CryptGetDefaultOIDFunctionAddress
CryptBinaryToStringW
CryptAcquireCertificatePrivateKey
CryptUnregisterOIDInfo

Sections

.rdata
Size: 1KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 33KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 23KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

752e1ad839fdd9d87e202c92c2bee710

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

wininet

winspool.drv

inetcomm

oledlg

wsock32

crypt32

Sections

.rdata Size: 1KB - Virtual size: 10KB

.rdata Size: 1024B - Virtual size: 2KB

.edata Size: 1KB - Virtual size: 32KB

.edata Size: 14KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 5KB

.rdata Size: 1024B - Virtual size: 33KB

.edata Size: 1KB - Virtual size: 15KB

.rdata Size: 1KB - Virtual size: 25KB

.data Size: 11KB - Virtual size: 16KB

.rdata Size: 1KB - Virtual size: 19KB

.rdata Size: 1024B - Virtual size: 23KB

.edata Size: 1KB - Virtual size: 12KB

.rsrc Size: 172KB - Virtual size: 172KB

.reloc Size: 1024B - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 10KB

.rdata
Size: 1024B - Virtual size: 2KB

.edata
Size: 1KB - Virtual size: 32KB

.edata
Size: 14KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 5KB

.rdata
Size: 1024B - Virtual size: 33KB

.edata
Size: 1KB - Virtual size: 15KB

.rdata
Size: 1KB - Virtual size: 25KB

.data
Size: 11KB - Virtual size: 16KB

.rdata
Size: 1KB - Virtual size: 19KB

.rdata
Size: 1024B - Virtual size: 23KB

.edata
Size: 1KB - Virtual size: 12KB

.rsrc
Size: 172KB - Virtual size: 172KB

.reloc
Size: 1024B - Virtual size: 4KB