0f630c5d768aee75b4144daaa74a89520692e2d59fe82218761ee059c189b31e[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

0f630c5d768aee75b4144daaa74a89520692e2d59fe82218761ee059c189b31e.exe
Size

227KB
MD5

2d660754cbc9c029d20d1d7cddedb00b
SHA1

c7a4ce61e85edcb8916a95e65b1902971d1f919d
SHA256

0f630c5d768aee75b4144daaa74a89520692e2d59fe82218761ee059c189b31e
SHA512

80490048c8abe0f024f1fbe3a2cf063a1267796647538eccf007b1f61977aa5eb6b39669693f53b279f5d21bb25451c2c21ae989c59ca11722ae57977bd7441a
SSDEEP

6144:SgGdKtGiFdcPv1d2W6Jk+YGRPGSD4mnfOdxL/spE2Wo:pSi39Jk+5RPHnOLsK2Wo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f630c5d768aee75b4144daaa74a89520692e2d59fe82218761ee059c189b31e.exe

Files

0f630c5d768aee75b4144daaa74a89520692e2d59fe82218761ee059c189b31e.exe
.exe windows:4 windows x86 arch:x86

af45b2c27905c85ae9e5238112ac352e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
LocalAlloc
GlobalDeleteAtom
ReplaceFileW
GetMailslotInfo
GetVolumeInformationW
GetTimeFormatW
GetModuleHandleW
GetCalendarInfoW
CreateEventW
EndUpdateResourceW
ExpandEnvironmentStringsA
GetExpandedNameA
CompareStringW
OpenSemaphoreW
MoveFileW
OpenFile
Sleep
GetWindowsDirectoryA
FatalAppExitW
GetProcAddress
SetLastError
GlobalAlloc
GetExitCodeProcess
QueryPerformanceFrequency
GetThreadLocale
CreateFileMappingW
GetPriorityClass
GlobalGetAtomNameW
lstrcat
lstrcpynW
FreeLibrary
GetSystemTime
CompareStringA
LoadLibraryA
OpenEventA
ExitThread
lstrlenA
SetThreadPriority
ConnectNamedPipe
GetLocalTime
IsDebuggerPresent
lstrlenW
CreateMutexA
OpenEventW
lstrcmpi

user32

GetDC
GetDC
SendMessageW
LoadMenuA
CallWindowProcA
AdjustWindowRect
SetCapture
GetClassLongW
InsertMenuA
DialogBoxIndirectParamA
GetWindowTextA
GetMenu
MonitorFromWindow
DefDlgProcA
ShowWindow
CheckMenuItem
GetActiveWindow
wvsprintfW
GetWindowTextLengthW
ShowCaret
GetClassNameW
SendDlgItemMessageW
GetWindowTextLengthA
GetClassInfoA
CopyIcon
CloseWindow
GetDlgItem
IsCharUpperA

gdi32

GetMetaFileW
UnrealizeObject
EqualRgn
GdiGetBatchLimit
GetEnhMetaFileDescriptionW
SetPixelFormat
SetDCPenColor
SetRectRgn
SetMetaRgn
DrawEscape
InvertRgn
SetColorSpace
DeleteObject
EnumFontsA
GetMapMode
SetViewportOrgEx
GetOutlineTextMetricsA

advapi32

RegEnumValueA
RegCreateKeyW
RegQueryValueW
RegCreateKeyExA
RegQueryInfoKeyW
RegSaveKeyA
RegOpenKeyExW

shlwapi

UrlCompareW
PathCompactPathExA
SHAutoComplete
AssocQueryStringByKeyA
DllGetVersion
PathRemoveArgsA
StrNCatA
SHRegGetBoolUSValueA
HashData
PathMakeSystemFolderW
PathSkipRootA
PathAddBackslashW
StrFormatByteSizeA
StrRStrIW

winmm

mixerGetLineControlsW
midiStreamPosition
waveOutGetErrorTextA
mciGetDeviceIDA
mmioSendMessage
waveOutGetPosition
tid32Message
mciSendCommandA
mmioClose
waveOutGetNumDevs

sqlunirl

_LoadBitmap@8
_RegUnLoadKey_@8
_PolyTextOut_@12
_lstrcpy_@8
_DlgDirList_@20
_WriteConsoleInput_@16
_PeekMessage@20
_CreateMDIWindow_@40
_GetSystemDirectory_@8
_SetFileAttributes_@8
_SetICMProfile_@8
_NDdeGetErrorString_@12
_CompareString_@24

Sections

.Cupa
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xaS
Size: 3KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FTD
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OT
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.PGFqsp
Size: 4KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.T
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NrDF
Size: 5KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.J
Size: 512B - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JJ
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af45b2c27905c85ae9e5238112ac352e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

winmm

sqlunirl

Sections

.Cupa Size: 7KB - Virtual size: 7KB

.xaS Size: 3KB - Virtual size: 220KB

.FTD Size: 84KB - Virtual size: 83KB

.OT Size: 14KB - Virtual size: 14KB

.PGFqsp Size: 4KB - Virtual size: 138KB

.T Size: 4KB - Virtual size: 18KB

.NrDF Size: 5KB - Virtual size: 166KB

.J Size: 512B - Virtual size: 435KB

.JJ Size: 83KB - Virtual size: 83KB

.data Size: 11KB - Virtual size: 29KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.Cupa
Size: 7KB - Virtual size: 7KB

.xaS
Size: 3KB - Virtual size: 220KB

.FTD
Size: 84KB - Virtual size: 83KB

.OT
Size: 14KB - Virtual size: 14KB

.PGFqsp
Size: 4KB - Virtual size: 138KB

.T
Size: 4KB - Virtual size: 18KB

.NrDF
Size: 5KB - Virtual size: 166KB

.J
Size: 512B - Virtual size: 435KB

.JJ
Size: 83KB - Virtual size: 83KB

.data
Size: 11KB - Virtual size: 29KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B