0c602879753c68b8780cc04df81f7211e3adb94206b1a299877f986e893768ef

Sharing

Copy URL Twitter E-mail

General

Target

0c602879753c68b8780cc04df81f7211e3adb94206b1a299877f986e893768ef
Size

4.8MB
MD5

194162d9bdcfbcf5205b1a04f74b6464
SHA1

b1cd162d4ef59794519f6d4024b9ff4052538317
SHA256

0c602879753c68b8780cc04df81f7211e3adb94206b1a299877f986e893768ef
SHA512

f4512a40bc1793e0cd689cf33bd9ccc72cb1b3e10958233a2b20e27594b3dbdcff114ef8abc501b1c4f8ddf39e78a4f437517476b069e88841c5770c438678b8
SSDEEP

98304:pUa6CY9h0nO1PUT+Ei7qfqejFauLbma9nyok6EHKuaAirrjVB2X2ncmnDZ:93nmY+j7qf1bLbma9yocKDVl4Bmn9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c602879753c68b8780cc04df81f7211e3adb94206b1a299877f986e893768ef

Files

0c602879753c68b8780cc04df81f7211e3adb94206b1a299877f986e893768ef
.exe windows x86

fb5ddbb83437ec5b535d550352e213c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CreateSemaphoreA
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
GetModuleFileNameA
GetModuleFileNameW
LocalFree
FormatMessageA
FormatMessageW
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
SetLastError
SetFileTime
GetTickCount
GetModuleHandleW
GetSystemDirectoryA
GetSystemDirectoryW
GetTempPathA
GetTempPathW
GetWindowsDirectoryA
GetWindowsDirectoryW
SetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrentDirectoryW
CreateDirectoryA
CreateDirectoryW
RemoveDirectoryA
RemoveDirectoryW
CreateFileW
SetFileAttributesA
SetFileAttributesW
DeleteFileA
DeleteFileW
MoveFileA
CloseHandle
FindClose
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetModuleHandleA
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindCloseChangeNotification
GetFileSize
WriteFile
ReadFile
SetEndOfFile
SetFilePointer
CreateFileA
CompareFileTime
FileTimeToSystemTime
DeleteCriticalSection
GetFileInformationByHandle
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
FileTimeToLocalFileTime
SetConsoleCtrlHandler
GetConsoleMode
SetConsoleMode
Sleep
CreateProcessW
GetCommandLineW
GetFileAttributesW
CopyFileW
MoveFileExW
SetFileApisToOEM
HeapSize
WriteConsoleW
GetStringTypeW
SetStdHandle
WaitForSingleObjectEx
WaitForSingleObject
ReleaseSemaphore
ResetEvent
SetEvent
InitializeCriticalSection
GetLastError
GetVersionExA
VirtualFree
MoveFileW
VirtualAlloc
OutputDebugStringW
OutputDebugStringA
GetProcessHeap
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RtlUnwind
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetFileAttributesExW
ExitProcess
GetCommandLineA
GetACP
HeapFree
HeapAlloc
GetCurrentThread
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
FlushFileBuffers
GetConsoleCP
HeapReAlloc
ReadConsoleW
SetFilePointerEx
FindFirstFileExA
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
DecodePointer

user32

CharToOemA
CharUpperW
CharUpperA
CharPrevExA

advapi32

OpenServiceA
OpenSCManagerA
ControlService
CloseServiceHandle
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
QueryServiceStatus

oleaut32

SysFreeString
VariantCopy
VariantClear
SysAllocStringLen
SysAllocString

Sections

.text
Size: 493KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb5ddbb83437ec5b535d550352e213c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 493KB - Virtual size: 492KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 7KB - Virtual size: 28KB

.gfids Size: 512B - Virtual size: 416B

.rsrc Size: 280KB - Virtual size: 280KB

.reloc Size: 20KB - Virtual size: 20KB

.text
Size: 493KB - Virtual size: 492KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 7KB - Virtual size: 28KB

.gfids
Size: 512B - Virtual size: 416B

.rsrc
Size: 280KB - Virtual size: 280KB

.reloc
Size: 20KB - Virtual size: 20KB