0bf2bed9e3d93d55e96aa1d43d2982e069d681339881836583128ab4a46e83ceN

Sharing

Copy URL Twitter E-mail

General

Target

0bf2bed9e3d93d55e96aa1d43d2982e069d681339881836583128ab4a46e83ceN
Size

288KB
MD5

c1c0dde324a928475e6c7be57f32bbd0
SHA1

7775897483f5f1b7b8662b86254854c51723e37a
SHA256

0bf2bed9e3d93d55e96aa1d43d2982e069d681339881836583128ab4a46e83ce
SHA512

d70c70390b1009ad4bcd24ea1a0ec37b46135d62cbca847e14e499dd55b0b6a0e37f3b110c3a9a3512277e3c01952f69069418367ef2947df67ace0fd3a1fb83
SSDEEP

1536:prmGBDE46nlvFXy67kAVHv/c35ccq9bOpQRlNrXnbQ9T+mibstHFzG61c6:p5B4nlvhpVv/U5ccq9bOpQ3Y9VtHJd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bf2bed9e3d93d55e96aa1d43d2982e069d681339881836583128ab4a46e83ceN

Files

0bf2bed9e3d93d55e96aa1d43d2982e069d681339881836583128ab4a46e83ceN
.exe windows:4 windows x86 arch:x86

e0371f3014b4095c1eeb11d56f9cf4af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
lstrcatA
DeleteFileA
MoveFileA
GetCurrentProcess
SetFilePointer
WriteFile
CreateFileA
GetTempPathA
FreeLibrary
LoadLibraryA
CompareStringW
CompareStringA
SetPriorityClass
SetThreadPriority
CloseHandle
ResumeThread
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA

user32

wsprintfA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qcetbxn
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 176KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e0371f3014b4095c1eeb11d56f9cf4af

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 52KB - Virtual size: 51KB

.rsrc Size: 32KB - Virtual size: 32KB

qcetbxn Size: - Virtual size: 4KB

.text Size: 176KB - Virtual size: 180KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 52KB - Virtual size: 51KB

.rsrc
Size: 32KB - Virtual size: 32KB

qcetbxn
Size: - Virtual size: 4KB

.text
Size: 176KB - Virtual size: 180KB