0d335eb94f91152274509d9db18f0775

Sharing

Copy URL Twitter E-mail

General

Target

0d335eb94f91152274509d9db18f0775
Size

84KB
MD5

0d335eb94f91152274509d9db18f0775
SHA1

46c391df2244f0c7c44996b4febf0f22e2e30960
SHA256

c1b797e676079c36231c09e3ba21ab36b3cdc0c6af36ee41d0894b084f7d15bc
SHA512

98fbe53c498054911de605bba38dd06ef75d2164aa0702058557afeea533ad98da3d653387f21630c1ee8be84a682bffa25525e78028445b9ec0d6ac538f85db
SSDEEP

1536:yhy0R0rrpZnlHli88iY/1YMHLBh78VK7HFHxETY0cNcwYzUh4CY7Yb+4Uh:yhmrlh9zANTrD8VK7HFREsmwYzUh4CYX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d335eb94f91152274509d9db18f0775

Files

0d335eb94f91152274509d9db18f0775
.exe windows:5 windows x86 arch:x86

c9c56334d193c2397da8414f0b5e90ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesW
FindClose
GetConsoleMode
VirtualAlloc
SearchPathA
WritePrivateProfileStructA
ExitProcess
IsDebuggerPresent
GlobalUnlock
HeapSize
CreateFileA
GetSystemDirectoryW
LoadLibraryA
GetModuleHandleW
FileTimeToLocalFileTime
HeapFree
GetProcAddress
RemoveDirectoryA

advapi32

ChangeServiceConfigA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueW
GetSecurityDescriptorControl
RegQueryValueExW
EnumServicesStatusExA
QueryServiceConfig2A
RegOpenKeyW
AdjustTokenPrivileges
RegDeleteValueA
RegEnumKeyExW
RegQueryValueExA
SetSecurityDescriptorDacl
CloseServiceHandle
RegCreateKeyExW
FreeSid
InitializeSecurityDescriptor
StartServiceW

version

VerQueryValueA
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeA

gdi32

GetObjectA
CreateFontIndirectA
GetTextColor
GdiFlush
GetCharWidthA
SetMapMode
GetPaletteEntries
Polyline
SetColorAdjustment

msvcrt

_read
_ltow
atol
_amsg_exit
_wcsdup
_tzset
memset
wcstol
_exit
div
_acmdln
exit
_wcsnicmp
bsearch
_itow
localtime
_mbsnbcpy
__p__fmode

Sections

.text
Size: 46KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 8KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9c56334d193c2397da8414f0b5e90ea

Headers

File Characteristics

Imports

kernel32

advapi32

version

gdi32

msvcrt

Sections

.text Size: 46KB - Virtual size: 47KB

.data Size: 2KB - Virtual size: 2KB

.rdata Size: 10KB - Virtual size: 80KB

.adata Size: 8KB - Virtual size: 37KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 46KB - Virtual size: 47KB

.data
Size: 2KB - Virtual size: 2KB

.rdata
Size: 10KB - Virtual size: 80KB

.adata
Size: 8KB - Virtual size: 37KB

.rsrc
Size: 17KB - Virtual size: 17KB