0f11b95b8b5d4b9e955c19ee484ff6242c59d649ce9b38f3d44b055e53eda31dN

Sharing

Copy URL Twitter E-mail

General

Target

0f11b95b8b5d4b9e955c19ee484ff6242c59d649ce9b38f3d44b055e53eda31dN
Size

150KB
MD5

fecd6793362d5a149d63205d0c26e460
SHA1

4cb4b44e1726d27adaa573dfccebdde23a18edbc
SHA256

0f11b95b8b5d4b9e955c19ee484ff6242c59d649ce9b38f3d44b055e53eda31d
SHA512

171cc6a6b790ed004d616760c57889ac88d186b8fc3fc0260a71f9cee209acabdf6a0819eb8b1ecec32b638b363103b9e2f4b14229cfccebf6d448e462467603
SSDEEP

3072:XBjGh2g+2OyMuL/ZcQDCmiF7zZQyTG2yTL2npN/0NNb2Ta8oJskkrmL:Rj82H23RLCQWmA7zZrTGZceNKNoJsby

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f11b95b8b5d4b9e955c19ee484ff6242c59d649ce9b38f3d44b055e53eda31dN

Files

0f11b95b8b5d4b9e955c19ee484ff6242c59d649ce9b38f3d44b055e53eda31dN
.exe windows:4 windows x86 arch:x86

14eccf18abda18729b029f84cbac868f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
EnumResourceLanguagesA
ExitProcess
FreeResource
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
HeapAlloc
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
RemoveDirectoryA
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsFree
lstrcpynA

user32

GetDC
LoadAcceleratorsA
LoadBitmapA
MessageBoxA
DrawCaption
DefDlgProcA

advapi32

RegOpenKeyExA
RegEnumKeyA
RegCloseKey
RegQueryValueA

ole32

GetRunningObjectTable
OleUninitialize
ProgIDFromCLSID
RegisterDragDrop
OleInitialize
OleLockRunning
CLSIDFromProgID
CoCreateGuid
CoCreateInstance
CoGetClassObject
CoInitialize
CoRegisterMessageFilter
CoTaskMemRealloc
CoUninitialize
CreateOleAdviseHolder

wininet

InternetQueryDataAvailable
InternetSetFilePointer
InternetSetOptionExA
InternetSetStatusCallbackA
InternetGetLastResponseInfoA
InternetGetCookieA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetOpenA

shell32

SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteW
ShellExecuteExW
SHBindToParent

Sections

.text
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14eccf18abda18729b029f84cbac868f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

wininet

shell32

Sections

.text Size: 43KB - Virtual size: 44KB

.rdata Size: 47KB - Virtual size: 48KB

.data Size: 49KB - Virtual size: 52KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 7KB - Virtual size: 8KB

.text
Size: 43KB - Virtual size: 44KB

.rdata
Size: 47KB - Virtual size: 48KB

.data
Size: 49KB - Virtual size: 52KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 7KB - Virtual size: 8KB