0f42a42acd35013ea0946ca354606443a6a31cda269e34b377889df0678c8dda[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

0f42a42acd35013ea0946ca354606443a6a31cda269e34b377889df0678c8dda.exe
Size

164KB
MD5

d6b65e725c98043d847cd07fee187a4a
SHA1

5f85f756045481762315d7e64ba32cf87651942c
SHA256

0f42a42acd35013ea0946ca354606443a6a31cda269e34b377889df0678c8dda
SHA512

78b9d8868e0731829475795277b7e6a9673195c9c022864b2dfe9a57405f736463769a3e4ba8bcb1e721ad9dd4df7e2cef380c32820e83b7c3ec64f5df9597db
SSDEEP

3072:fE/D6PZF2Z1rumCw0HYAbeQBpkI2dfZEQAIpg3bPfFyB8I48iLMMC:fSwPu5P0HYA1/kIMDa37tRAiLM7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f42a42acd35013ea0946ca354606443a6a31cda269e34b377889df0678c8dda.exe

Files

0f42a42acd35013ea0946ca354606443a6a31cda269e34b377889df0678c8dda.exe
.exe windows:4 windows x86 arch:x86

3a325e8526b22f385818c5a0f853b31d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mmioSeek
mmioClose
mmioWrite
mmioRead
mmioOpenW

kernel32

ResetEvent
EnterCriticalSection
GlobalFree
lstrcmpW
lstrlenA
DeleteCriticalSection
GetACP
GetSystemTimeAsFileTime
lstrcpyW
GlobalSize
GlobalReAlloc
MultiByteToWideChar
GetCurrentProcessId
LeaveCriticalSection
ReadFile
GetTickCount
WriteFile
lstrcpyA
lstrcatA
GetOverlappedResult
InitializeCriticalSection
GetLastError
lstrcpynW
GetFullPathNameW
LocalAlloc
GlobalAlloc
CreateFileW
GetFileSize
SetUnhandledExceptionFilter
GlobalUnlock
GetModuleHandleA
WideCharToMultiByte
SetErrorMode
MulDiv
QueryPerformanceCounter
LoadLibraryW
LocalFree
IsBadReadPtr
CloseHandle
GetDiskFreeSpaceW

msacm32

acmStreamConvert
acmFormatDetailsW
acmFormatSuggest
acmFormatTagDetailsW
acmStreamClose
acmStreamOpen
acmStreamUnprepareHeader
acmFormatChooseW
acmStreamPrepareHeader
acmMetrics
acmGetVersion
acmStreamSize

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
memmove
_purecall
_ftol
__getmainargs
malloc
free
__p__commode
_adjust_fdiv
mbstowcs
atoi
__set_app_type
exit
_initterm
_vsnwprintf

user32

MessageBoxW
PeekMessageW
DialogBoxParamW
LoadStringW
IsRectEmpty
SendMessageW
EndDialog
GetDC
SetRect
EnableWindow
SetDlgItemInt
MessageBeep
TranslateMessage
ReleaseDC
SetDlgItemTextW
wsprintfW
CheckDlgButton
GetDlgItem
SendDlgItemMessageW
CharPrevW
DestroyWindow
IsDlgButtonChecked
SetRectEmpty

ole32

OleGetClipboard
CoMarshalInterface
OleUninitialize
CoCreateInstance
CoUnmarshalInterface
CoGetMarshalSizeMax
CoGetMalloc
OleSetClipboard
OleInitialize
OleFlushClipboard
CreateStreamOnHGlobal
ReleaseStgMedium

msvfw32

ICGetDisplayFormat
ICSendMessage
ICDecompress
ICCompressorChoose
ICClose
ICCompress
ICOpen
ICGetInfo
ICCompressorFree

advapi32

RegEnumKeyW
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegOpenKeyW
RegQueryValueW

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a325e8526b22f385818c5a0f853b31d

Headers

File Characteristics

Imports

winmm

kernel32

msacm32

msvcrt

user32

ole32

msvfw32

advapi32

Sections

.text Size: 100KB - Virtual size: 99KB

.idata Size: 40KB - Virtual size: 39KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 100KB - Virtual size: 99KB

.idata
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 23KB - Virtual size: 23KB