0e806e81c8aa75769e4758f769066b19

Sharing

Copy URL Twitter E-mail

General

Target

0e806e81c8aa75769e4758f769066b19
Size

242KB
MD5

0e806e81c8aa75769e4758f769066b19
SHA1

464a5470971f09be49bb611ab345ac094bd4a226
SHA256

3e3f7dd556c3d75f9f9e5a8d2f5ae6845f1763b90313f11c9493cc95a0945e76
SHA512

714240879cb68e4d01e6b315ffd1621b1da482b3a2c2a0540a46c757118e2f333430542a480ba766195df849527e918d390edcff0606f11e3d36e37bd3268d99
SSDEEP

3072:Aoi/XpaIC/jdelKE90KmIJQ3FKrKOYHhph3Z0ojWPTKGloGjHlJ7gB968Z7/CZTY:7i/Xpq8z4K14huX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e806e81c8aa75769e4758f769066b19

Files

0e806e81c8aa75769e4758f769066b19
.exe windows:5 windows x86 arch:x86

29616ab98ff77129e9e79ac7da2c6348

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetCommandLineW
GetStartupInfoW
SetUnhandledExceptionFilter
GetSystemPowerStatus
LoadLibraryW
GetModuleHandleW
GetProcAddress
Sleep
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GlobalFree
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LoadLibraryExW
FreeLibrary
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersionExW

user32

EndDialog
DefWindowProcW
ShowWindow
MessageBoxW
LoadStringW
SetRect
ReleaseDC
GetDC
CharNextW
GetClientRect
FindWindowW
SetForegroundWindow
RegisterWindowMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetForegroundWindow
PeekMessageW
SendMessageW
DialogBoxParamW
GetParent
IsWindow
SetCursor
FillRect
DrawIcon
LoadImageW
RegisterClassW
CreateWindowExW
SetTimer
PostMessageW
GetSystemMetrics
LoadIconW
InvalidateRect
SetWindowPos
BeginPaint
EndPaint
SystemParametersInfoW
GetCursorPos
PostQuitMessage

gdi32

BitBlt
RealizePalette
GetObjectW
GetStockObject
DeleteObject
CreatePalette
GetDIBColorTable
SelectObject
CreateCompatibleDC
SelectPalette
GetClipBox

shlwapi

ord437

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_XcptFilter
_exit
_c_exit
_except_handler3

advapi32

RegOpenKeyW
RegQueryValueExW
RegCloseKey

comctl32

InitCommonControlsEx

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 231KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ffixlks
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

29616ab98ff77129e9e79ac7da2c6348

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

msvcrt

advapi32

comctl32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 356B

.rsrc Size: 231KB - Virtual size: 233KB

ffixlks Size: - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 356B

.rsrc
Size: 231KB - Virtual size: 233KB

ffixlks
Size: - Virtual size: 4KB