0c2833876d9e60ac5211d30a93c1b74c

Sharing

Copy URL Twitter E-mail

General

Target

0c2833876d9e60ac5211d30a93c1b74c
Size

594KB
MD5

0c2833876d9e60ac5211d30a93c1b74c
SHA1

1640ded2b73059668824b752346157b381ccb970
SHA256

64a736aef7bd6ffb0b3614468699c79f3721774061e869b4bde1979724ff0c57
SHA512

8195c51e6988d242a4b28ed87e27a591c2e3e280d1e49cd9912ce7393f5fdbeb17d835a4daf9de2ce8893e5dedd78ed56623874ef82211f54464452a8b873bc7
SSDEEP

12288:xuXyiYeYw9IXFy4zkswRsum3t48d/8QXrZnObfG0m2/I:xTVy44Zmur8d/8QXrZ8H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c2833876d9e60ac5211d30a93c1b74c

Files

0c2833876d9e60ac5211d30a93c1b74c
.exe windows:5 windows x86 arch:x86

0c669b68b82cde1b6fb0d9b175027c7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleDC
SetTextColor
DeleteDC
BitBlt
SelectObject

user32

SetForegroundWindow
PostQuitMessage
SetWindowPos
DispatchMessageA
EndPaint
GetDC
SendMessageA
DestroyWindow
GetParent
UpdateWindow
DefWindowProcA
ShowWindow
TranslateMessage
GetWindow
IsIconic
GetWindowLongA
CreateWindowExA
FillRect
SetFocus
PeekMessageA
GetSystemMetrics
PostMessageA
ReleaseCapture
SetWindowLongA
GetDlgItem
ScreenToClient
LoadCursorA
GetDesktopWindow
ReleaseDC
MoveWindow
MessageBoxA
GetFocus
GetSysColor
EnableMenuItem

kernel32

RtlUnwind
GetEnvironmentVariableA
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetStringTypeA
WriteFile
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCommandLineA
GetDiskFreeSpaceA
GetStringTypeW
SetFileAttributesA
GetOEMCP
VirtualAlloc
Sleep
VirtualFree
HeapCreate
GetModuleHandleW
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
HeapSize
GetCPInfo
GetCurrentProcessId
GetEnvironmentStrings
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
HeapReAlloc
LCMapStringA
lstrlenA
GetSystemInfo
UnmapViewOfFile
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateFileW
CreateEventW
WaitForMultipleObjects
CompareStringA
FindFirstFileA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
DeleteFileA
LCMapStringW
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
SetEndOfFile
VirtualQuery
GetVersion
TerminateProcess
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
SetLastError
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
GlobalLock
LoadResource
InitializeCriticalSection
FormatMessageW
SetEvent

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 542KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c669b68b82cde1b6fb0d9b175027c7b

Headers

File Characteristics

Imports

gdi32

user32

kernel32

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 542KB - Virtual size: 542KB

.data Size: 22KB - Virtual size: 25KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 542KB - Virtual size: 542KB

.data
Size: 22KB - Virtual size: 25KB

.rsrc
Size: 5KB - Virtual size: 4KB