0a1ac8ee4c636e91a7240390d632f995

Sharing

Copy URL

Twitter E-mail

General

Target

0a1ac8ee4c636e91a7240390d632f995
Size

105KB
MD5

0a1ac8ee4c636e91a7240390d632f995
SHA1

f60d7be7757aeb2aad8fb4450e1002056d3bc03a
SHA256

05f19ca69aca49cfd2a0618352af5f3740cbf924631754479a194037ec2ffc3a
SHA512

9e13d3d6895145f258bae711f5f57368460ed70cc7734c8d7d6ae456927f6a6fda1c394e4e52040a93de75816ab8f5a45adb0d1d5187221b233b9fc5713f7ef2
SSDEEP

1536:0D5SHxkxBS7tY437+8zkSffyTATZWyjU9OpJdGCLSbPDgg3GYcMRSj:0tSRkxg7JCSX0EZW1KJ3CDLPR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a1ac8ee4c636e91a7240390d632f995

Files

0a1ac8ee4c636e91a7240390d632f995
.exe windows:4 windows x86 arch:x86

f0630584e0cc8ad3fbec80d408703578

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CoUninitialize
OleRegGetUserType
CoCreateInstanceEx
CLSIDFromProgID
CreateStreamOnHGlobal
OleRun
StringFromIID
CoRevokeClassObject

msvcrt

_acmdln
wcstol
strlen
pow
tolower
strncmp
rand
strcmp
time
memmove
memcpy
wcsncmp
clock
mbstowcs
swprintf

kernel32

EnumCalendarInfoA
GetCurrentProcessId
GlobalFindAtomA
FormatMessageA
LoadResource
GetStringTypeA
lstrlenA
GetFullPathNameA
GetStringTypeW
WaitForSingleObject
SetEvent
GetUserDefaultLCID
lstrcpyA
GetStartupInfoA
GetLocaleInfoA
lstrcatA
GlobalAlloc
LoadLibraryExA
GetVersion
DeleteFileA
SetEndOfFile
GetLastError
lstrcmpiA
GlobalDeleteAtom
GetEnvironmentStrings
GetOEMCP
GetCommandLineA
GetCurrentThread
GetCurrentProcess
ExitThread
WriteFile
LocalAlloc
GetStdHandle
ReadFile
SetLastError
SetFilePointer
GetCPInfo
FindFirstFileA
RaiseException
GetFileAttributesA
GetCurrentThreadId
LocalReAlloc
InitializeCriticalSection
CloseHandle
GetModuleHandleA
SetThreadLocale
LoadLibraryA
CreateFileA
GetFileSize
GlobalAddAtomA
CompareStringA
GetACP
GetDateFormatA
ResetEvent
GetFileType
FreeResource
MulDiv
SizeofResource
MoveFileA
ExitProcess
Sleep
lstrcmpA
SetHandleCount
CreateThread
lstrcpynA
LockResource
SetErrorMode
GetTickCount
HeapDestroy
EnterCriticalSection
HeapFree
GetLocalTime
VirtualFree
GetProcessHeap
VirtualQuery
GetDiskFreeSpaceA
GetModuleFileNameA
FindClose
DeleteCriticalSection
WideCharToMultiByte
VirtualAllocEx
FindResourceA
VirtualAlloc
LocalFree

oleaut32

SafeArrayGetElement
GetErrorInfo
RegisterTypeLib
VariantCopyInd
SysFreeString
SysReAllocStringLen
VariantChangeType
OleLoadPicture

advapi32

RegDeleteKeyA
RegCreateKeyA
GetLengthSid

comdlg32

GetFileTitleA
ChooseColorA
GetSaveFileNameA
FindTextA
GetOpenFileNameA

shlwapi

SHDeleteKeyA
SHSetValueA
SHDeleteValueA
SHGetValueA
PathIsDirectoryA
SHStrDupA

gdi32

GetBitmapBits
GetPixel
BitBlt
CreateBitmap
SetTextColor
GetDCOrgEx
GetDIBColorTable
SaveDC
SetPixel
RestoreDC

comctl32

ImageList_DrawEx
ImageList_Read
ImageList_Remove
ImageList_DragShowNolock
ImageList_Create

Sections

.CODE
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0630584e0cc8ad3fbec80d408703578

Headers

File Characteristics

Imports

ole32

msvcrt

kernel32

oleaut32

advapi32

comdlg32

shlwapi

gdi32

comctl32

Sections

.CODE Size: 53KB - Virtual size: 52KB

.edata Size: 43KB - Virtual size: 42KB

INIT Size: 7KB - Virtual size: 7KB

.CODE
Size: 53KB - Virtual size: 52KB

.edata
Size: 43KB - Virtual size: 42KB

INIT
Size: 7KB - Virtual size: 7KB