02d6ec0e5899fd60dbe4c72af8a32f1b

Sharing

Copy URL

Twitter E-mail

General

Target

02d6ec0e5899fd60dbe4c72af8a32f1b
Size

176KB
MD5

02d6ec0e5899fd60dbe4c72af8a32f1b
SHA1

90f6b77e136fb76fa99f629472078601d728b484
SHA256

7df210ab430882d864df309203079851c276aa990c8d3e8a3e7f0f86cbbb2510
SHA512

becb0284399a73c52f0cc580e330f487eaa9f94676096c34b07e3f7009b6a6633189439e2f5c1b07db507128870cb4dd8f77027134204fc4dbcf9fea45b3b7f2
SSDEEP

768:7qSqnqXlOndVqmPHyE7RbYlvMuvi/m3afT+KUI+ltRZZEBb5b/eRhB5S4yLJzGJ:FvXlYVPVivQ/poDLkbURh6LQWKZP/TR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02d6ec0e5899fd60dbe4c72af8a32f1b

Files

02d6ec0e5899fd60dbe4c72af8a32f1b
.exe windows:1 windows x86 arch:x86

9ca9368a014a00280fb343bc7db2adfd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
InterlockedDecrement
WideCharToMultiByte
FreeLibrary
UnhandledExceptionFilter
GetVersionExA
GetCurrentProcessId
GetTickCount
CreateThread
MultiByteToWideChar
LeaveCriticalSection
FreeLibrary
LoadLibraryA
SetLastError
EnterCriticalSection
SetUnhandledExceptionFilter
LocalAlloc
GetCurrentThreadId
CloseHandle
GetTickCount
GetTickCount
GetProcessHeap
UnhandledExceptionFilter
InterlockedIncrement
LoadLibraryW
EnterCriticalSection
FormatMessageW
GetStartupInfoW
LeaveCriticalSection
SetFilePointer

user32

GetSysColor
RegisterClassW
GetWindow
DialogBoxParamW
LoadStringA
PostQuitMessage
PeekMessageW
IsWindow
MessageBoxA
MessageBoxA
GetParent
ScreenToClient
ReleaseDC
GetMenu
SetWindowTextW

advapi32

RegOpenKeyExW
RegEnumValueW
RegOpenKeyExW
RegCloseKey
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
OpenThreadToken
RegDeleteValueW
RegEnumKeyExW

Sections

Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ca9368a014a00280fb343bc7db2adfd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

Size: 148KB - Virtual size: 160KB

Size: 3KB - Virtual size: 4KB

Size: 1KB - Virtual size: 4KB

�vmp0 Size: 5KB - Virtual size: 4KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 4KB - Virtual size: 4KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 1KB - Virtual size: 4KB

�vmp0
Size: 5KB - Virtual size: 4KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 4KB - Virtual size: 4KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 1KB - Virtual size: 4KB