05a0a9da49a2e5adb8463dc8e0a2b29d

Sharing

Copy URL Twitter E-mail

General

Target

05a0a9da49a2e5adb8463dc8e0a2b29d
Size

168KB
MD5

05a0a9da49a2e5adb8463dc8e0a2b29d
SHA1

6306c305c63da0b0f23f410e13582dca2f730736
SHA256

dce7153f2983d99b4702578087bb2ea5ae7f6adfbc83c66d83f748a23a8df7f3
SHA512

d3ca25cb87e20ff686fc820c073548dc99588e98ebb2c35c78b3f1dafa4950692eda99345fd90700671ae04b933ccb9b0a4160a53c03770c0a9b930152aed39d
SSDEEP

3072:8G4MHz4rDz5xF9Qf0bXPoy8EMfNMdc+EjbAb35x59tH1FOegj3Y58Ch/j9xv:F4Kol9e0bPoy8EMLoaA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05a0a9da49a2e5adb8463dc8e0a2b29d

Files

05a0a9da49a2e5adb8463dc8e0a2b29d
.exe windows:5 windows x86 arch:x86

96037c69702840bf84fce2c9edcd81e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetDC
GetDesktopWindow
CharNextA
TranslateMessage
GetParent

gdi32

SetStretchBltMode
CreateSolidBrush
CreateFontIndirectA
GetStockObject
SaveDC
GetPixel
CreateCompatibleDC
SelectObject
SelectPalette
CreatePalette
RectVisible
SetMapMode
CreatePen
DeleteDC
DeleteObject
GetTextMetricsA
SetTextColor
RestoreDC
SetTextAlign
GetObjectA
GetClipBox
PatBlt
LineTo
GetDeviceCaps

kernel32

SetCurrentDirectoryA
GlobalFindAtomW
GetVersion
GetCurrentProcess
GetStartupInfoA
GetCurrentThreadId
GetModuleHandleW
GetCommandLineA
GlobalFindAtomA
GetTickCount
lstrlenW
GetDriveTypeA
GetCurrentProcessId
lstrcmpiW
GetOEMCP
QueryPerformanceCounter
GetCommandLineW
GetProcessHeap
GetModuleHandleA
VirtualAlloc
lstrcmpA
DeleteFileA
VirtualFree
lstrlenA
GetUserDefaultLangID
GetWindowsDirectoryA
RemoveDirectoryA
lstrcmpiA
MulDiv
GetCurrentThread
DeleteFileW
GetConsoleOutputCP
GetACP
IsDebuggerPresent

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Tdjc. Kw
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Lvk, Ktq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96037c69702840bf84fce2c9edcd81e3

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 9KB

Tdjc. Kw Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Lvk, Ktq Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 10KB - Virtual size: 9KB

Tdjc. Kw
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Lvk, Ktq
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 31KB - Virtual size: 30KB