0cdf954c0bef8a4e00bd8d092bb1d6f9

Sharing

Copy URL Twitter E-mail

General

Target

0cdf954c0bef8a4e00bd8d092bb1d6f9
Size

154KB
MD5

0cdf954c0bef8a4e00bd8d092bb1d6f9
SHA1

61bdc07b788c24ae0577fdf2b439e105f9470465
SHA256

94408764509df06b769b160f88e53a106e5e607f0fa47d29a42c609560295bf6
SHA512

a59de79c637d37d6340ace8d9129f5e97a39508a5fe013f213757135ff2bb8aea40f47c13cba127f2a245fc4c00af67f41bc1d732c593f78f8b976abccad1f72
SSDEEP

3072:8+G0xYxx++RfjOYQKBAJMC73ig8/bCHB7/CmOqaF/+l:8+xYxxLRrLQpCC7Obu9/CmOXF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cdf954c0bef8a4e00bd8d092bb1d6f9

Files

0cdf954c0bef8a4e00bd8d092bb1d6f9
.exe windows:5 windows x86 arch:x86

870bcf8592d99199c620562e9a803a29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFile
DeleteAtom
GetLastError
GetStdHandle
GetCPInfo
OpenFileMappingA
GlobalFree
ExitThread
FindAtomA
WriteFile
FindClose
CopyFileExW
GetFileTime
GetCommandLineA
ReadFile
ExitProcess
FindAtomW
GetPriorityClass
GetFileType
CreateDirectoryA
FatalExit
CopyFileExA
FreeResource
AddAtomW
GetLocalTime
DeleteAtom
ExitProcess
FlushFileBuffers
DeleteFileA
AddAtomA
FreeResource
GetCommandLineA
FindClose
FindAtomA
CopyFileA
CopyFileExW
CreateDirectoryA
WriteFile
OpenFile
CopyFileA
FindAtomW
OpenFile
DeleteFileW
GetStdHandle
GetCPInfo
CreateDirectoryA
CopyFileExW
GetLastError
WriteFile
FindClose
ExitThread
AddAtomW
ReadFile
WriteFile
GetCPInfo
FreeResource
CopyFileExA
FatalExit
GetLocalTime
GetStdHandle
ExitThread
CopyFileA
CopyFileExW
AddAtomA
DeleteFileW
DeleteFileA
FlushFileBuffers
GetPriorityClass
OpenFileMappingA
AddAtomW
GetLastError
FindAtomW
CopyFileExW
FindClose
ReadFile
GetLocalTime
CopyFileExA
AddAtomW
GetStdHandle
GetFileTime
ExitProcess
OpenFile
DeleteFileA
ExitThread
AddAtomA
CopyFileA
GetLastError
OpenFileMappingA
GlobalFree
WriteFile
ExitThread
CopyFileA
CopyFileExW
GetCommandLineA
GetFileType
OpenFile
FatalExit
CreateDirectoryA
FindAtomA
GetPriorityClass
DeleteFileW
GetLocalTime
ReadFile
GlobalFree
ExitProcess
AddAtomA
FindClose
OpenFileMappingA
ReadFile
GetLastError
FindAtomW
GetCPInfo
CreateDirectoryA
AddAtomW
DeleteFileW
FreeResource
FindClose
WriteFile
GlobalFree
GetFileType
CopyFileExA
WriteFile
GetFileTime
FlushFileBuffers
AddAtomW
CopyFileExW
ReadFile
GetCPInfo
GetLocalTime
GlobalFree
DeleteFileW
CopyFileA
FatalExit
CopyFileExA
FindAtomA
CopyFileA
GetLocalTime
DeleteFileA
ReadFile
GetPriorityClass
FatalExit
FindClose
GetLastError
ExitThread
WriteFile
FlushFileBuffers
CopyFileExA
FindAtomW
OpenFile
FindAtomA
DeleteAtom
ExitProcess
GetPriorityClass
DeleteFileA
GetLocalTime
FindAtomW
ExitThread
GetFileTime
FlushFileBuffers
DeleteFileW

advapi32

RegLoadKeyA
RegReplaceKeyW
RegCreateKeyW
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyA
RegFlushKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegGetKeySecurity
RegQueryValueExW
RegEnumKeyA
RegQueryInfoKeyW
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueW
RegLoadKeyW
RegEnumValueA
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegCreateKeyW
RegGetKeySecurity
RegFlushKey
RegQueryValueExA
RegEnumValueW
RegGetKeySecurity
RegEnumKeyExW
RegEnumKeyA
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyA
RegCreateKeyExW
RegOpenKeyA
RegDeleteKeyW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegReplaceKeyW
RegOpenKeyExA
RegQueryValueA
RegLoadKeyW
RegFlushKey
RegCreateKeyA
RegEnumKeyExA
RegLoadKeyW
RegQueryValueA
RegOpenKeyW
RegEnumKeyExA
RegLoadKeyA
RegGetKeySecurity
RegDeleteValueW
RegFlushKey
RegDeleteValueA
RegQueryInfoKeyW
RegReplaceKeyA
RegEnumKeyA
RegCreateKeyW
RegCreateKeyExA
RegDeleteKeyW
RegEnumValueA

user32

GetFocus
BeginPaint
GetDC
AppendMenuW
LoadCursorA
CloseWindow
CopyImage
GetMenu
GetCursor
DrawTextA
CalcMenuBar
GetDlgItem
InsertMenuA
GetWindowTextLengthA
AppendMenuA
GetWindowTextA
CreateIcon

Sections

.7a031
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d5ce
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.b896c
Size: 106KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8c2ad
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

870bcf8592d99199c620562e9a803a29

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.7a031 Size: 29KB - Virtual size: 28KB

.d5ce Size: 11KB - Virtual size: 11KB

.b896c Size: 106KB - Virtual size: 373KB

.8c2ad Size: 7KB - Virtual size: 6KB

.7a031
Size: 29KB - Virtual size: 28KB

.d5ce
Size: 11KB - Virtual size: 11KB

.b896c
Size: 106KB - Virtual size: 373KB

.8c2ad
Size: 7KB - Virtual size: 6KB