b0ae5e2a91aed738d02d9cfb5a958ac5

Sharing

Copy URL Twitter E-mail

General

Target

b0ae5e2a91aed738d02d9cfb5a958ac5
Size

6KB
MD5

b0ae5e2a91aed738d02d9cfb5a958ac5
SHA1

b79494dfbb6abf6ba3a312f3aa0a2e5c841ba759
SHA256

1cf2832b9d222992d888bbf39ffaf20d6a6e591378d9bd19ab5a269bc212053c
SHA512

c4bcf572930e33b0ebdbdf3597afe7d365266ba991c1101cbd11864a17ef29a4b7c2a397cfeacac1e88753abb1f192455c79afec3bd76c958c9fec1b58cbda2e
SSDEEP

48:qK/UxQ06TceD1oq2hZsht5rtjceD+GEJgNIMWTIbwIEB+vb2uy6bpzjGjLERZcLV:l/O8pFbZZ8gnCsvb2s38cGwoZx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0ae5e2a91aed738d02d9cfb5a958ac5

Files

b0ae5e2a91aed738d02d9cfb5a958ac5
.exe windows:6 windows x86 arch:x86

fa91405d30e4548924d9a2da4a39197c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect

mpr

WNetConnectionDialog
WNetGetNetworkInformationA
WNetAddConnection3A
WNetCancelConnection2W
WNetGetResourceInformationA
WNetAddConnection2W

msvfw32

DrawDibRealize
ICImageDecompress
DrawDibEnd

avifil32

AVIStreamSampleToTime
AVIStreamFindSample
AVIStreamRelease
EditStreamClone

shell32

SHGetDesktopFolder
ShellExecuteW
ExtractIconEx

msacm32

acmDriverAddA
acmFormatSuggest
acmFormatEnumA
acmDriverDetailsA
acmFormatDetailsW
XRegThunkEntry
acmFormatTagEnumA
acmStreamMessage
acmFormatDetailsA

mscms

TranslateBitmapBits
GetCMMInfo
GetColorProfileHeader

msi

ord163
ord79
ord110
ord75
ord27
ord164

mapi32

ord131
ord62
ord18
ord152

setupapi

SetupDiRemoveDeviceInterface
SetupQueueDeleteSectionW
SetupDiGetHwProfileFriendlyNameExA

user32

MessageBoxW

Sections

.text
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa91405d30e4548924d9a2da4a39197c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mpr

msvfw32

avifil32

shell32

msacm32

mscms

msi

mapi32

setupapi

user32

Sections

.text Size: 512B - Virtual size: 330B

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 100B

.text
Size: 512B - Virtual size: 330B

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 100B