0bde3e3aea4166caf8e4b181355178af

General

Target

0bde3e3aea4166caf8e4b181355178af
Size

3.4MB
MD5

0bde3e3aea4166caf8e4b181355178af
SHA1

c401088a87651a0aaa4476d4a97a6f72ad79fd4b
SHA256

46222d6c269be306094ed15f471cae457309bd98ef46d54fcc16acaf75814e2e
SHA512

367de47f47bbec34c77c684cf60429bb87d9a2a3fa30e697be4fd1fae1b832e16bc2e04397a16c875807fccad20510fab204d8df6aa7b0259fbece22c33960c5
SSDEEP

98304:Y1xfmXPs5aQEzpsi5MmcNZIB0N1OPZozB:Y1BeWJyMxDNcPZo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bde3e3aea4166caf8e4b181355178af

Files

0bde3e3aea4166caf8e4b181355178af
.exe windows:4 windows x86 arch:x86

c2bb2e81a6f608d20c8aa54aeb251a82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCurrentProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetProcAddress
TerminateProcess
UnhandledExceptionFilter
GetTickCount
SetLastError
HeapFree
LocalFree
LeaveCriticalSection
WaitForSingleObject
GetProcessHeap
CreateFileW
ExitProcess
GetStdHandle
IsDebuggerPresent
FindClose
ReadFile
RaiseException
SetEvent
GetFileType
InitializeCriticalSection
FlushFileBuffers
TlsSetValue
LoadLibraryW
LoadLibraryExW
TlsFree
GetFileAttributesW
CompareStringW
GetOEMCP
SetStdHandle
FreeEnvironmentStringsW
FindNextFileW
FindFirstFileW
VirtualAlloc
GetConsoleCP
GetCommandLineA
DecodePointer
OutputDebugStringW
EncodePointer
LoadLibraryA
GetModuleHandleExW
GetLocaleInfoW
CreateDirectoryW
GetFullPathNameW
LoadResource
UnmapViewOfFile
GetExitCodeProcess
ExpandEnvironmentStringsW
CreateProcessW

user32

DispatchMessageW
PostQuitMessage
GetWindowLongW
GetDlgItem
PostMessageW
EnableWindow
IsWindow
LoadCursorW
SetWindowTextW
SetTimer
SetFocus
PeekMessageW
EndPaint
SetCursor
KillTimer
UpdateWindow
SystemParametersInfoW
GetKeyState
MessageBoxA
CharUpperW

Sections

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c2bb2e81a6f608d20c8aa54aeb251a82

Headers

File Characteristics

Imports

kernel32

user32

Sections

.rdata Size: 3.4MB - Virtual size: 3.4MB

.idata Size: 2KB - Virtual size: 1KB

.text Size: 6KB - Virtual size: 6KB

.data Size: - Virtual size: 612KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.idata
Size: 2KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB