0f523409f3ff86b2b0eba1cb34a1ca0e

General

Target

0f523409f3ff86b2b0eba1cb34a1ca0e
Size

124KB
MD5

0f523409f3ff86b2b0eba1cb34a1ca0e
SHA1

d09d94cf3298349dd1a2822c3f3344f79f113657
SHA256

e07d980a09529a5dc5b74f6d54b8fb44c75d22b035830b4403c5e7b1e07739ea
SHA512

be73538f2d226106d2e6829cbe7e4ced94e3958180cbe675228ac5e1ce0b25c6de45224a6739e8a46b379bf63c6de6b92f46a87aaf62970fc146415a5e1f0168
SSDEEP

1536:Yus5w2EPbNSAcHl4kEdgcAo50reGRyV0Hccvt4WxZGVkNZXA32lObesRT0WK6FKO:XyEPZkl4nFyrxcuHDuWYVgVNlOKKI6Hh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f523409f3ff86b2b0eba1cb34a1ca0e

Files

0f523409f3ff86b2b0eba1cb34a1ca0e
.exe windows:4 windows x86 arch:x86

a6d4beacdf7781c975f5778ada9f95a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetVersion
GetUserDefaultLangID
WinExec
HeapSize
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetModuleHandleA
FlushFileBuffers
GetModuleFileNameA
GetLastError
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
LCMapStringA
MultiByteToWideChar
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
InterlockedExchange
SetFilePointer
LoadLibraryA
CloseHandle

user32

MessageBoxA
PostQuitMessage
GetMessageA
DispatchMessageA
LoadStringA

advapi32

CloseServiceHandle
OpenSCManagerA

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.prdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6d4beacdf7781c975f5778ada9f95a1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 16KB - Virtual size: 12KB

.prdata Size: 68KB - Virtual size: 68KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 16KB - Virtual size: 12KB

.prdata
Size: 68KB - Virtual size: 68KB