0501a0e74e3c9d2dae42552361b39071

General

Target

0501a0e74e3c9d2dae42552361b39071
Size

195KB
MD5

0501a0e74e3c9d2dae42552361b39071
SHA1

6ced36049596e015dad9332d61cd6921cec76261
SHA256

22c84dc6e70d483e8bb4979527a16df7188ac204a9f9bb4f60d8f3427d3b75e7
SHA512

24fc6d7ba212c15221563e56873f72d1f45482997f5577edd08fe847d73004a3ce6f915724ae14cf70896b51f9d840265207e04244ff898fda620a6ad308d346
SSDEEP

3072:RShP2qcJgGNnldclPOHKhNs4ZQsaRgfCcOf/PtJHzLx3jkxz0DNChLAw4oanPj:Q+DJgKgmMso5zkPtJPxz9DNA47

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0501a0e74e3c9d2dae42552361b39071

Files

0501a0e74e3c9d2dae42552361b39071
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

a4646f3d5a9f9a0c57ce8aea21263f7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
LoadLibraryA
GetProcAddress
CompareStringW
CompareStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
WriteFile
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetModuleHandleA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
HeapReAlloc
VirtualAlloc
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentProcess
TerminateProcess
GetTimeZoneInformation
RaiseException
CreateIoCompletionPort
GetThreadPriorityBoost
CreateSemaphoreA
GetEnvironmentStrings
GetLastError
WideCharToMultiByte
MultiByteToWideChar
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
SetEnvironmentVariableA

user32

TranslateMessage
SendIMEMessageExA
PeekMessageW
VkKeyScanExA
ToUnicode
EndDeferWindowPos
GetWindowTextLengthW
SetClipboardViewer
DrawIconEx
SetClassWord
DragDetect
SetSystemCursor
DlgDirListW
TranslateAcceleratorA
GetPropA
EnumWindowStationsW
IsCharUpperW
GetMenuStringA
SetCapture
LoadCursorFromFileA
DdeCreateStringHandleA
ToAsciiEx
GetTabbedTextExtentW
GetAsyncKeyState
SetMessageExtraInfo
GetCaretPos
OemToCharA
KillTimer
CharNextA
MapVirtualKeyExA

gdi32

GetBkColor
RemoveFontResourceA
GetTextCharacterExtra

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4646f3d5a9f9a0c57ce8aea21263f7d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 240KB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 240KB