0e35a495529240a7340921f0a9f681e0

Sharing

Copy URL Twitter E-mail

General

Target

0e35a495529240a7340921f0a9f681e0
Size

111KB
MD5

0e35a495529240a7340921f0a9f681e0
SHA1

57686b167a07406af09d8d479f5cb8bb7ef10f70
SHA256

e22c6d791fc522649ee2add31d8f9496cfe0094b5d8992e8d818514023be4fcb
SHA512

d078667406b48ad397809b974c189615c7e11ef6ef19fa7b5084b00782bd924051d473e37cdb694bcb878d183c987e788f498f393ebc07a630aebd03c783effd
SSDEEP

3072:JKyeGAVSF1TNAAgSBulABe74ZEKMMiU1m9:ATRAvclA474GKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e35a495529240a7340921f0a9f681e0

Files

0e35a495529240a7340921f0a9f681e0
.dll windows:4 windows x86 arch:x86

e837422256cc8662517da239511d6f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

AdjustTokenPrivileges
QueryServiceStatus
OpenProcessToken
InitializeSecurityDescriptor
DeleteService
CloseServiceHandle

ole32

RevokeDragDrop
OleInitialize
OleFlushClipboard
GetConvertStg
CreateDataAdviseHolder
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoResumeClassObjects
CoGetMalloc
CoFileTimeNow
CoCreateInstance
CoCreateGuid
WriteFmtUserTypeStg

user32

SetFocus
OemToCharBuffA
MessageBoxIndirectA
LoadBitmapA
CreateMenu
CreateCursor
CharUpperA
CharToOemBuffA
CharPrevA

shell32

SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHBindToParent

shlwapi

PathIsRootA
PathFileExistsA
PathMatchSpecA
SHAutoComplete
StrStrIA
PathFindFileNameA
PathIsRelativeA

msvcrt

strlen
strchr
getenv
rand
memcpy
free
strstr

kernel32

lstrcpynA
lstrlenA
lstrcatA
Sleep
SetLastError
RaiseException
OpenFileMappingA
GetVersion
GetSystemTimeAsFileTime
GetLocalTime
ExitThread
EnumResourceTypesA
EnumResourceNamesA
CompareStringA
CloseHandle
lstrcmpA

Exports

Exports

Akc
Bgw
Bra
Csn
Cto
Iwj
Kee
Nwc
Pum
Qvu
Vkt
Ydm
Zsv

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e837422256cc8662517da239511d6f39

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 28KB

.rdata Size: 33KB - Virtual size: 36KB

.data Size: 22KB - Virtual size: 24KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 27KB - Virtual size: 28KB

.rdata
Size: 33KB - Virtual size: 36KB

.data
Size: 22KB - Virtual size: 24KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB