0d5eace3f31b35caef33e82837a3ba68

Sharing

Copy URL

Twitter E-mail

General

Target

0d5eace3f31b35caef33e82837a3ba68
Size

328KB
MD5

0d5eace3f31b35caef33e82837a3ba68
SHA1

f6b2173c3ce3f4cea2e734ae09536df498e18718
SHA256

e78553bcdfd5d7fe4ecefbfe057f2800988bfa4280662b501e1575456ad45a02
SHA512

334a3eb614bbd07882c82126a78bd548896aa04739592c8c84145e316f9de599e75c2ff12f225556f35ffb9e6687da451ec4607d838101833cf296c6346b36d4
SSDEEP

3072:6b7m6J+AHp9GyX+LcJJ89yqTpWrdU8kocXWvDaIsvIkN1aeFlLidHBa5:6b7mM+Q+wJuGU8kxmraNIe1vZuh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d5eace3f31b35caef33e82837a3ba68

Files

0d5eace3f31b35caef33e82837a3ba68
.exe windows:4 windows x86 arch:x86

e2f431efa8f6988840d0ed04b97c4f59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFile
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfoW
SHGetFolderPathW
SHGetPathFromIDListW

user32

CharLowerA
DeleteMenu
DestroyWindow
DrawEdge
DrawFrameControl
DrawMenuBar
EndPaint
EnumWindows
EqualRect
GetClassNameA
GetClientRect
GetDC
GetDCEx
GetDesktopWindow
GetDlgItem
GetMenuItemCount
GetMessagePos
GetScrollPos
GetSystemMetrics
GetWindowLongA
InsertMenuItemA
KillTimer
RegisterWindowMessageA
SetCapture
SetClassLongA
SetRect
UnhookWindowsHookEx

comctl32

CreatePropertySheetPageW
ImageList_EndDrag
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_Replace
ImageList_SetDragCursorImage
ImageList_SetImageCount

gdi32

AddFontResourceA
CopyMetaFileA
CreateRectRgnIndirect
ExtTextOutW
GetClipRgn
GetMapMode
GetOutlineTextMetricsA
GetPixel
GetRegionData
GetTextMetricsW
RectInRegion
RoundRect
SaveDC
ScaleWindowExtEx
SetBkMode
SetGraphicsMode
SetTextAlign
SetWinMetaFileBits
StartDocW
TextOutA
TextOutW

kernel32

EnumCalendarInfoA
ExitProcess
FileTimeToSystemTime
FindResourceA
FormatMessageA
GetDriveTypeA
GetEnvironmentStringsW
GetFileSize
GetLastError
GetPrivateProfileStringA
GetStdHandle
GetTickCount
GetUserDefaultLCID
IsBadCodePtr
LoadResource
LocalFileTimeToFileTime
LocalFree
MapViewOfFile
RtlUnwind
TerminateThread
TlsGetValue
VirtualFree
VirtualQuery
WaitForSingleObject
WritePrivateProfileStringA
lstrcpynA

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

M1s8g14K
Size: 120KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e2f431efa8f6988840d0ed04b97c4f59

Headers

File Characteristics

Imports

shell32

user32

comctl32

gdi32

kernel32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

M1s8g14K Size: 120KB - Virtual size: 152KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

M1s8g14K
Size: 120KB - Virtual size: 152KB