0c1795d19624308286fc186333a1fcc9

Sharing

Copy URL Twitter E-mail

General

Target

0c1795d19624308286fc186333a1fcc9
Size

215KB
MD5

0c1795d19624308286fc186333a1fcc9
SHA1

07c2ecc59c4a9302476d3fc1f2a29a5d92c372ed
SHA256

e1ebbc1cc844c35100bee46919edb6b3deb08404f384e4e9010e29f54149dc8a
SHA512

f039a065f9a996f77e6bbd75d1aeedc453ac5d41d7ca4367ac7af8301eebd0b07ee317841ca96cd6d319b36faa83e00c2c8c647994e5e0fe8dad63bb2f693ea2
SSDEEP

3072:1g5lwN5LeiWIjeOYEFRA3JsS4C/FgRE3LcV1w0IBhLCfAdo5YffDmcOie5pB7nMR:wl4iy9O4C/uCbUwftoeJ3e5pBq1E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c1795d19624308286fc186333a1fcc9

Files

0c1795d19624308286fc186333a1fcc9
.exe windows:5 windows x86 arch:x86

ff96839743cab08089eb9db190472e11

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateRoundRectRgn
GetCharWidth32W
CreateDiscardableBitmap
AddFontResourceW
LineTo
CreateBitmap
GetNearestColor
SetTextColor
StartDocW
GetTextCharsetInfo
GetTextExtentPointW
SetBrushOrgEx
GetTextExtentPointA
RealizePalette
MoveToEx

advapi32

SetSecurityDescriptorOwner
GetNumberOfEventLogRecords

kernel32

SetFileApisToOEM
DeviceIoControl
GetStartupInfoW
GlobalFindAtomW
lstrcmpiA
HeapValidate
TransactNamedPipe
CreateFileA
FileTimeToSystemTime
GetCommandLineW
GlobalCompact
GlobalGetAtomNameA
lstrcpyW
PulseEvent
CreateNamedPipeA
SizeofResource

msvcrt

_controlfp
wcsncpy
getenv
bsearch
__set_app_type
__p__fmode
gets
__p__commode
wcschr
calloc
_amsg_exit
_initterm
_acmdln
wcscat
exit
_ismbblead
_XcptFilter
localtime
_exit
fgetc
_cexit
__setusermatherr
__getmainargs
memcpy
wcslen

user32

DrawAnimatedRects
DialogBoxIndirectParamW
GetDlgCtrlID
IsCharUpperA
SendMessageW
GetKeyState
GetDialogBaseUnits
TrackPopupMenu
GetClassInfoW
LoadAcceleratorsA
CopyRect
SetTimer
DrawStateA
CharUpperW
IsCharAlphaW
GetMessageExtraInfo
GetClassLongW
GetAltTabInfoW
CreateDialogParamA
GetMenu
ModifyMenuW
CheckDlgButton
HideCaret
GetWindowRect
GetMessageTime
GetKeyboardLayoutNameW
CharToOemBuffA
DrawMenuBar
GetNextDlgGroupItem
CreatePopupMenu
ChildWindowFromPoint
GetPropW
EnumWindows
FrameRect
ShowWindowAsync
IsDlgButtonChecked
LoadBitmapW

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt
?ValidateSDKldjhJLD@@YGKEPA_WG@Z

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dat_0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dat_1
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dat_2
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ydiag
Size: 512B - Virtual size: 70B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mem
Size: - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdiag
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff96839743cab08089eb9db190472e11

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 66KB

.idat Size: 512B - Virtual size: 400B

.data Size: 3KB - Virtual size: 2KB

.dat_0 Size: 2KB - Virtual size: 2KB

.dat_1 Size: 512B - Virtual size: 280B

.dat_2 Size: 1024B - Virtual size: 766B

.ydiag Size: 512B - Virtual size: 70B

.mem Size: - Virtual size: 81KB

.xdiag Size: 512B - Virtual size: 28B

.rsrc Size: 136KB - Virtual size: 136KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 67KB - Virtual size: 66KB

.idat
Size: 512B - Virtual size: 400B

.data
Size: 3KB - Virtual size: 2KB

.dat_0
Size: 2KB - Virtual size: 2KB

.dat_1
Size: 512B - Virtual size: 280B

.dat_2
Size: 1024B - Virtual size: 766B

.ydiag
Size: 512B - Virtual size: 70B

.mem
Size: - Virtual size: 81KB

.xdiag
Size: 512B - Virtual size: 28B

.rsrc
Size: 136KB - Virtual size: 136KB

.reloc
Size: 2KB - Virtual size: 1KB