0c42b7df97be6295fe92c5787456abca

Sharing

Copy URL

Twitter E-mail

General

Target

0c42b7df97be6295fe92c5787456abca
Size

126KB
MD5

0c42b7df97be6295fe92c5787456abca
SHA1

d3024d692bc3c49011a80a70b1af68da7fc875e3
SHA256

e607e142a9d53aa606b04879c301c5cf828057134149a64ad714f38e4d8d71c7
SHA512

a52a6566eb60f7380519fb39d1528e36b6d50aa2f5bb767220056c195e1f6798d32c673936d374d0f06f728660f671cd81b2abde5659b063129559a5e9cbe9c1
SSDEEP

3072:+x6YWNNOSkgcxjkYMDp++f6R3JGWxgNjsMOOju2yq:dYEOSckYKlS5IWKj1Owb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c42b7df97be6295fe92c5787456abca

Files

0c42b7df97be6295fe92c5787456abca
.exe windows:4 windows x86 arch:x86

79b811fdcfc2c9e80ede52789ed2ad8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetObjectContext

comctl32

ImageList_DrawEx
ImageList_Remove
ImageList_Add
ImageList_Draw
ImageList_Write
ImageList_Destroy
ImageList_Create
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_Read

kernel32

GetModuleHandleW
GetCurrentThreadId
EnumCalendarInfoA
SetHandleCount
lstrcmpiA
lstrcpyA
GetLocalTime
GetStringTypeA
GetLocaleInfoA
Sleep
GetThreadLocale
FindClose
FreeResource
lstrcatA
VirtualAlloc
GetTickCount
GetCPInfo
DeleteCriticalSection
WideCharToMultiByte
EnterCriticalSection
HeapFree
LoadResource
SetEndOfFile
GetSystemDefaultLangID
GetDiskFreeSpaceA
GlobalDeleteAtom
LoadLibraryA
LocalFree
GetFileSize
GetStartupInfoA
FreeLibrary
MulDiv
DeleteFileA
GetACP
GetFullPathNameA
VirtualAllocEx
CompareStringA
CreateFileA
LoadLibraryExA
GetOEMCP
GetProcessHeap
lstrcmpA
SetLastError
lstrlenA
GetUserDefaultLCID
CreateThread
GetLastError
SetEvent
WaitForSingleObject
ExitProcess
CloseHandle
CreateEventA
WriteFile
FindResourceA
IsBadHugeReadPtr

user32

SetWindowPlacement
IsMenu
SetTimer
CreatePopupMenu
GetMenu
SetWindowLongW
IsCharUpperA
GetTopWindow
SetScrollRange
SetWindowLongA
SetScrollPos

Exports

Exports

KxMMf4TEAE@24

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jkdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79b811fdcfc2c9e80ede52789ed2ad8d

Headers

File Characteristics

Imports

ole32

comctl32

kernel32

user32

Exports

Exports

Sections

CODE Size: 11KB - Virtual size: 11KB

DATA Size: 11KB - Virtual size: 126KB

.jkdata Size: 98KB - Virtual size: 98KB

.edata Size: 2KB - Virtual size: 1KB

.idata Size: 512B - Virtual size: 76B

.rsrc Size: 1KB - Virtual size: 1KB

CODE
Size: 11KB - Virtual size: 11KB

DATA
Size: 11KB - Virtual size: 126KB

.jkdata
Size: 98KB - Virtual size: 98KB

.edata
Size: 2KB - Virtual size: 1KB

.idata
Size: 512B - Virtual size: 76B

.rsrc
Size: 1KB - Virtual size: 1KB