0aef0d3f3abc22d42034fe070f15faa2

Sharing

Copy URL

Twitter E-mail

General

Target

0aef0d3f3abc22d42034fe070f15faa2
Size

863KB
MD5

0aef0d3f3abc22d42034fe070f15faa2
SHA1

49495e58c1159501085f09433c8d1bab6083544c
SHA256

541a140a7a36297221ffb331f7727946cae137e16fbd6e4212c0bfd3e63f7150
SHA512

ca66aa27f73f3d52aeb025e50fbd720cd6075609031d3481807fb7670227f02e2e6acb984ec804b63dbf2bdf919c7af805e957df1f6a3fab74689887c6252536
SSDEEP

24576:HIlxPqQtC39tocM8qNgVfTYUJWC5YPqbGzv:olxgtiXNgVcU8C5k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0aef0d3f3abc22d42034fe070f15faa2

Files

0aef0d3f3abc22d42034fe070f15faa2
.exe windows:5 windows x86 arch:x86

a394ec35722e64ed3665144e06d2772b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EqualRect
CharUpperW
SetWindowRgn
BringWindowToTop
wsprintfA
SetWindowLongW
SetFocus
GetDlgCtrlID
LoadStringA
SetWindowsHookExW
SetCapture
UnionRect
GetKeyState
ReleaseCapture
MsgWaitForMultipleObjects
CharUpperA
CloseClipboard
GetClassNameW
SetClipboardData
SystemParametersInfoW
SetScrollInfo
SetParent
LoadStringW
GetWindow
DrawIconEx

kernel32

GetCommandLineW
GetTimeFormatW
GetFullPathNameW
GlobalHandle
SetFileAttributesW
VirtualAlloc
GlobalAlloc
IsBadReadPtr
CreateEventA
CompareFileTime
GetTickCount
GetSystemTimeAsFileTime
WritePrivateProfileStringA
HeapDestroy
FindFirstFileA
FormatMessageA
GetSystemDirectoryW
GetThreadLocale
LockResource
OutputDebugStringA
LeaveCriticalSection
GetTempPathA
GetDateFormatA
GlobalReAlloc
ResetEvent
GetSystemDefaultLCID
CompareStringW
LoadLibraryA
TlsGetValue
GetFileAttributesA
GetModuleHandleA
GetFullPathNameA
CompareStringA
IsBadWritePtr
ExitProcess
InitializeCriticalSection
HeapAlloc
VirtualFree
WaitForSingleObject

msvcrt

realloc
_CxxThrowException
??0exception@@QAE@ABQBD@Z
_vsnwprintf
__set_app_type
fflush
?terminate@@YAXXZ
__getmainargs
wcsncmp
__p__commode
_wtol
exit
?what@exception@@UBEPBDXZ
memmove
strncmp

Sections

.text
Size: 329KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 199KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a394ec35722e64ed3665144e06d2772b

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

msvcrt

Sections

.text Size: 329KB - Virtual size: 329KB

.rdata Size: 1024B - Virtual size: 1024B

.data Size: 199KB - Virtual size: 1.9MB

.rsrc Size: 331KB - Virtual size: 331KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 329KB - Virtual size: 329KB

.rdata
Size: 1024B - Virtual size: 1024B

.data
Size: 199KB - Virtual size: 1.9MB

.rsrc
Size: 331KB - Virtual size: 331KB

.reloc
Size: 1KB - Virtual size: 1KB