01cd4a0e32c4b7eb948fa036346e2e88

Sharing

Copy URL

Twitter E-mail

General

Target

01cd4a0e32c4b7eb948fa036346e2e88
Size

392KB
MD5

01cd4a0e32c4b7eb948fa036346e2e88
SHA1

431aba14dfdffd2772bfe10afdb2aba5d0a84d10
SHA256

73f33b19be2b7d07dd4c841846faad43ccdc701e002de8e048f08ef14339ca22
SHA512

bab3e133b0a2b3d70c59a68bd8f8eb78be41bad69081f004c1fa6036c2edaa4019313880127ab77ae5907208bf15f56521be269e3d186a47bcc1b1be25da5127
SSDEEP

6144:NcLdRLMKro2mDK94uHjUgt7WiO7KQEiaNXcBJ/nzpzSC3Wbx2i+y6:I/gKro2OK94uXt78Ud+zB3WbQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01cd4a0e32c4b7eb948fa036346e2e88

Files

01cd4a0e32c4b7eb948fa036346e2e88
.exe windows:4 windows x86 arch:x86

472f6a746c84dd7b1d709b1441a6cdcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
GetFileSize
CreateFileA
GetTempFileNameA
GetTempPathA
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
RaiseException
InitializeCriticalSection
DeleteCriticalSection
CompareStringA
CompareStringW
GetDiskFreeSpaceA
GetVersionExA
GetDriveTypeA
RemoveDirectoryA
GetFileAttributesA
CreateDirectoryA
MoveFileA
GetWindowsDirectoryA
SetErrorMode
SetEnvironmentVariableA
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetProcessHeap
GetTickCount
FlushFileBuffers
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetTimeZoneInformation
MapViewOfFile
IsBadReadPtr
GetLocaleInfoA
LCMapStringW
LCMapStringA
ReadFile
GetStringTypeW
GetStringTypeA
IsBadWritePtr
SetStdHandle
VirtualFree
HeapCreate
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
HeapSize
GetCurrentProcess
ExitProcess
EnterCriticalSection
SetEnvironmentVariableW
LeaveCriticalSection
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
GetExitCodeProcess
WaitForSingleObject
TerminateProcess
DeleteFileA
FindResourceA
LoadResource
LockResource
SizeofResource
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
Sleep
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
GetLastError
UnmapViewOfFile
GetSystemInfo
FindNextFileA
LoadLibraryA
GetProcAddress
OpenProcess
CloseHandle
FreeLibrary
FindFirstFileA
FindClose
IsBadCodePtr
CreateProcessA
GetSystemDirectoryA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetEndOfFile
SetFilePointer
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
VirtualQuery
HeapReAlloc
SetFileAttributesA
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree

user32

CharPrevA
CharNextA
CharLowerA
WaitForInputIdle
GetDesktopWindow
PeekMessageA
TranslateMessage
DispatchMessageA
SetWindowTextA
LoadIconA
GetSystemMenu
EnableMenuItem
SystemParametersInfoA
GetParent
SetWindowPos
DestroyWindow
CreateDialogParamA
IsWindow
DialogBoxIndirectParamA
ShowWindow
GetWindowRect
MoveWindow
DialogBoxParamA
SetDlgItemTextA
InvalidateRect
UpdateWindow
SendDlgItemMessageA
EndDialog
GetDlgItem
GetClientRect
GetSystemMetrics
PostMessageA
SendMessageA
GetSysColor
LoadStringA
MessageBoxA

advapi32

RegQueryValueExA
RegDeleteKeyA
RegOpenKeyA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey

gdi32

CreateFontIndirectA
CreateSolidBrush
DeleteObject
SetTextColor
SetBkColor

comctl32

ord17

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.T�
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

472f6a746c84dd7b1d709b1441a6cdcc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

comctl32

Sections

.text Size: 116KB - Virtual size: 114KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 16KB - Virtual size: 13KB

.T� Size: 232KB - Virtual size: 232KB

.text
Size: 116KB - Virtual size: 114KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 16KB - Virtual size: 13KB

.T�
Size: 232KB - Virtual size: 232KB