0db534cf2bfd5875a082d2ea94110936

Sharing

Copy URL Twitter E-mail

General

Target

0db534cf2bfd5875a082d2ea94110936
Size

78KB
MD5

0db534cf2bfd5875a082d2ea94110936
SHA1

37a1c37803f0984d0757252c2d05ffd21ca81d1c
SHA256

791549184ead0ee70820325e7c26def96ab1dff52c2df902f8afae71f178fcdd
SHA512

f1ad694a35e7445bcf4aa3377cf51c88527ec60c49872ef8ad3083e8a241d7d14e93c632d4eae783bf7d8407aac61cb54f3fbf695399dbd6c5f03a4134980c98
SSDEEP

1536:9+OXLhV4dwXuE9DFZTVsQVc7pIrQFKGnKvbBdjoNZwwZUllu8249F83ZrQqyi83:8Sf1dVcWQ2lR242VAh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0db534cf2bfd5875a082d2ea94110936

Files

0db534cf2bfd5875a082d2ea94110936
.exe windows:4 windows x86 arch:x86

3d4fde1ac5f0f65b29c8bc64283f79ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TryEnterCriticalSection
GetModuleHandleW
GetLastError
CreateFileA
OpenSemaphoreW
GetProcessVersion
GetModuleHandleA
GetDriveTypeA
InitAtomTable
GetFileType
InterlockedExchange
FindVolumeMountPointClose
DosPathToSessionPathA
TlsGetValue
IsBadCodePtr
LoadLibraryA
FileTimeToSystemTime
ExitProcess
FindResourceW
MapViewOfFileEx
GetBinaryType
GetProcAddress
OpenMutexA
VirtualAlloc
VirtualProtect
GetVolumePathNameA
GetTempPathA

msvcrt

__lc_collate_cp
ispunct
memcpy
ispunct
vprintf
is_wctype
_ismbchira
memset
_fstati64
_wexecvp
_wcsupr
_get_osfhandle

user32

GetMenu
IsWindowEnabled
GetClassNameW
UnregisterClassA
RealChildWindowFromPoint
ModifyMenuW
PrivateExtractIconsA
IsDlgButtonChecked
LoadStringA
CharNextA
LoadImageW
LoadCursorW
LoadStringW

opengl32

glIsList
glEnableClientState
glPixelMapuiv
glIndexs
glGetLightfv
glGetPixelMapfv
glRasterPos3sv
glVertex2sv
glRasterPos2i

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 921B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp0
Size: 1024B - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp1
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp2
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp3
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d4fde1ac5f0f65b29c8bc64283f79ef

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

opengl32

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 921B

.sp Size: 512B - Virtual size: 115B

.sp0 Size: 1024B - Virtual size: 537B

.sp1 Size: 512B - Virtual size: 22B

.sp2 Size: 512B - Virtual size: 69B

.sp3 Size: 512B - Virtual size: 57B

.rsrc Size: 35KB - Virtual size: 34KB

.reloc Size: 512B - Virtual size: 62B

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 921B

.sp
Size: 512B - Virtual size: 115B

.sp0
Size: 1024B - Virtual size: 537B

.sp1
Size: 512B - Virtual size: 22B

.sp2
Size: 512B - Virtual size: 69B

.sp3
Size: 512B - Virtual size: 57B

.rsrc
Size: 35KB - Virtual size: 34KB

.reloc
Size: 512B - Virtual size: 62B