osa_dd_ipmi_jap410a_winsrvr_32-64[.]exe

General

Target

osa_dd_ipmi_jap410a_winsrvr_32-64.exe
Size

6.2MB
MD5

e4db1dce6880e460bc4d9e77d7f04623
SHA1

83f379d06db0c115df9b633b178c7b0c01e138b5
SHA256

e21ed521a34e7c5c15b5f3913e01fe74c3a535690d088b2726f170d5b617e74d
SHA512

38fddb43f1ca284eb1971fa126cfc18cff2ffa6bed915e6cd2576d103b9ad82d485a979646e45db10142c3e5a2291685d805641f5b22a08411ae02e7eaf6c07f
SSDEEP

98304:YSeTjJrZdkK82Rdn/3ez4qRgTxxJhTP/R7DDCDw8vcZeQMBKb2FeXNYJqsI8iqrt:UjRkKx/OMrTPZDmP0ZM+2FeNOJiat

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
osa_dd_ipmi_jap410a_winsrvr_32-64.exe

Files

osa_dd_ipmi_jap410a_winsrvr_32-64.exe
.exe windows x86

431d3445d91345cab410fa01153990d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
CreateDirectoryA
GetFileAttributesA
FindClose
FindNextFileA
FindFirstFileA
GetVersionExA
GetSystemInfo
GetCurrentProcess
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
LoadLibraryA
ExitProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
RtlUnwind
CloseHandle
GetFileType
GetLastError
CreateFileA
ReadFile
WriteFile
SetFilePointer
GetCurrentProcessId
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
RemoveDirectoryA
DeleteFileA
GetFullPathNameA
MultiByteToWideChar
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
WaitForSingleObject
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
SetUnhandledExceptionFilter
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WideCharToMultiByte
HeapSize
SetStdHandle
SetEndOfFile
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
FlushFileBuffers
GetExitCodeProcess
CreateProcessA
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation

user32

MessageBoxA

shell32

SHFileOperationA
ShellExecuteExA

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

431d3445d91345cab410fa01153990d4

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 16KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 16KB