0c0e230773a345412bc15904da23da9c

Sharing

Copy URL Twitter E-mail

General

Target

0c0e230773a345412bc15904da23da9c
Size

92KB
MD5

0c0e230773a345412bc15904da23da9c
SHA1

3958beeb29a6093f6e1352e69d9f4815c440d774
SHA256

e1d73121b48e26a9524f3c07f9fba855d208303a03cdb3387e86e3cb53a54bda
SHA512

0e3b46f0b3c002d7d34cb44330bdd621596ced9ac6aac7c9ec5612684be716071b35b0109963f44390530d0a4d0fa3683b4efebc8ef410d9ce5cea76a16c3d53
SSDEEP

1536:3X6FMxGknDwI+vjWs9CrNRVFrYKLK85E3Gy72ZkggBTKURjKAL:n6FRSz+vjWQCJRVFmXGUMLIKURjKAL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c0e230773a345412bc15904da23da9c

Files

0c0e230773a345412bc15904da23da9c
.exe windows:4 windows x86 arch:x86

44da1f921e41a0ff3f11c4a275257916

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Locate_DevNodeA
CM_Create_DevNodeA

kernel32

FindNextFileA
FindFirstFileA
MultiByteToWideChar
SetLastError
CopyFileA
SetFileAttributesA
MoveFileA
DeleteFileA
GetProcAddress
LoadLibraryA
GetTempPathA
FreeLibrary
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
InterlockedDecrement
InterlockedIncrement
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
FindClose
TlsSetValue
TlsAlloc
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
LCMapStringA
LCMapStringW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
GetStringTypeA
GetStringTypeW
SetFilePointer
GetLocaleInfoA
GetVersionExA
SetStdHandle
FlushFileBuffers
ReadFile
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetLocaleInfoW
HeapReAlloc
RemoveDirectoryA
CreateDirectoryA
GetFileAttributesA
GetWindowsDirectoryA
GetModuleFileNameA
CreateMutexA
GetLastError
CloseHandle
GetCurrentThreadId

user32

EndDialog
MessageBoxA
DialogBoxParamA
SetWindowTextA
SetDlgItemTextA

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiSetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupIterateCabinetA
SetupOpenInfFileA
SetupDiGetINFClassA
SetupCloseInfFile
SetupGetStringFieldA
SetupFindNextLine
SetupCopyOEMInfA
SetupFindFirstLineA

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44da1f921e41a0ff3f11c4a275257916

Headers

File Characteristics

Imports

cfgmgr32

kernel32

user32

advapi32

shell32

setupapi

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 39KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 39KB