d0bc3072a017d0530371c3a263e32b0db3eebffcc7c4099d2678d39ee26a73a7

Sharing

Copy URL

Twitter E-mail

General

Target

d0bc3072a017d0530371c3a263e32b0db3eebffcc7c4099d2678d39ee26a73a7
Size

1.2MB
MD5

a21f1b0246976d5217a498de945bee79
SHA1

b13939d46afc71db2bf7c47ebedd6f3a0b1a0d44
SHA256

d0bc3072a017d0530371c3a263e32b0db3eebffcc7c4099d2678d39ee26a73a7
SHA512

378ddc6ae5c295896103c05e217c171807b0ce1e9757bc8ba0d973491d3225793378eeccb766b4e5369d053cd4d944d338e5e21f39558e9f7e5222c23420ddda
SSDEEP

24576:/J/94IkAJHjv1RIAhjLoamMiX4lNmZg0YxegPbUIDPP:/BugJHFjLoyEkmZ9Y14

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0bc3072a017d0530371c3a263e32b0db3eebffcc7c4099d2678d39ee26a73a7

Files

d0bc3072a017d0530371c3a263e32b0db3eebffcc7c4099d2678d39ee26a73a7
.exe windows:5 windows x86 arch:x86

a69481701a63309c2ccd3f707a04e1ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
LoadLibraryA
InitializeCriticalSectionAndSpinCount
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
HeapSize
VirtualProtect
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetStartupInfoW
LCMapStringA
LCMapStringW
GetCPInfo
HeapAlloc
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW

ws2_32

ntohl
WSAAsyncGetServByPort
WSAEnumProtocolsA
WSASetServiceW
WSCUnInstallNameSpace

winmm

midiOutLongMsg
midiStreamStop
midiInGetErrorTextA
mixerGetNumDevs
auxSetVolume
PlaySoundW

comdlg32

PrintDlgExW
ChooseFontA
ChooseColorA
GetFileTitleW
PageSetupDlgW
GetOpenFileNameW

setupapi

SetupDiSetDriverInstallParamsA
SetupDiEnumDeviceInfo
SetupDiGetClassImageIndex
SetupGetMultiSzFieldW
SetupFindNextLine
SetupRemoveInstallSectionFromDiskSpaceListA

rtm

MgmTakeInterfaceOwnership
RtmGetNextRoute
MgmInitialize
RtmIsRoute

crypt32

CertDeleteCertificateFromStore
CertGetIssuerCertificateFromStore
CertRDNValueToStrW

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 299KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 771KB - Virtual size: 771KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a69481701a63309c2ccd3f707a04e1ab

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

winmm

comdlg32

setupapi

rtm

crypt32

Sections

.text Size: 84KB - Virtual size: 84KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 299KB - Virtual size: 310KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 8KB

.data Size: 771KB - Virtual size: 771KB

.text
Size: 84KB - Virtual size: 84KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 299KB - Virtual size: 310KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 8KB

.data
Size: 771KB - Virtual size: 771KB