0cd05a4c38c67e73824640930064c3dc

Sharing

Copy URL Twitter E-mail

General

Target

0cd05a4c38c67e73824640930064c3dc
Size

312KB
MD5

0cd05a4c38c67e73824640930064c3dc
SHA1

bc0cb9e5aa2b45d54e7ada3a6ecc42b84baed133
SHA256

f37c20056a37ce3b4ae993c46b4c0a2eee022ec2817ad7d39b77c6c96a96cf01
SHA512

08c3494b4d9c445d2a1691339e648308cba8505c3f1b64461a58e8e3e630667cc6b8218808ff5b81dfb431b1a5cf96c3f4c0839fb1f032ed73362859d0cc4e0c
SSDEEP

3072:8v6wHycgF0cf5rPCBQztje5CJYtnNLitT1WvziIOM0JhCwEVyY0jWBNcVpotcIx9:8vngLrPQQpjNJWnGTuocyjOwh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cd05a4c38c67e73824640930064c3dc

Files

0cd05a4c38c67e73824640930064c3dc
.dll windows:4 windows x86 arch:x86

2aac5b05dfb64d0dd8c2fee5209743b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

PolyTextOutW
AddFontMemResourceEx
DeleteMetaFile

kernel32

EnumResourceNamesW
GetCurrentDirectoryW
UnregisterWait
VirtualAlloc
GetCurrentProcess
GetFileAttributesW
GetLocalTime
GetModuleFileNameW
GetModuleHandleA
GetNamedPipeInfo
GetProcAddress
GetVersion
GetVolumeNameForVolumeMountPointA
InterlockedCompareExchange
InterlockedExchange
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
DisableThreadLibraryCalls
GetProcessHeap
GetProcessWorkingSetSize
CloseHandle
CreateFileW
GetLocaleInfoA
LocalAlloc
LocalFree
lstrcatW
lstrlenW
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
GetCurrentThread
ExitProcess
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
GetCommandLineA
GetVersionExA
HeapAlloc
RaiseException
DeleteCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsDebuggerPresent
CompareStringA
MultiByteToWideChar
CompareStringW
WriteFile
GetStdHandle
GetModuleFileNameA
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryA
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LCMapStringA
LCMapStringW
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
GetTimeZoneInformation
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateFileA
ReadFile

oleaut32

VarCyMul
OleIconToCursor
VarDecFix

rpcrt4

I_RpcBindingInqDynamicEndpointA
RpcSmEnableAllocate
RpcProtseqVectorFreeA

Exports

Exports

mibwtpioas

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2aac5b05dfb64d0dd8c2fee5209743b8

Headers

File Characteristics

Imports

gdi32

kernel32

oleaut32

rpcrt4

Exports

Exports

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 52KB - Virtual size: 60KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 52KB - Virtual size: 60KB

.reloc
Size: 12KB - Virtual size: 8KB