01c063eeda0453ede514ee7e4317423c

Sharing

Copy URL Twitter E-mail

General

Target

01c063eeda0453ede514ee7e4317423c
Size

399KB
MD5

01c063eeda0453ede514ee7e4317423c
SHA1

ba189f439cf17245bd68c687d38e635532b33b81
SHA256

f022929b4dd3a74588d28b2c476c844e6c8919978ce8079aa1e08d0c9609cc55
SHA512

0914a2a14b5944be006bf80605d93986b9757215b751b549eb36f52860a003ef89cbfe86fbc8de4d7f752a8ce70b7c40af9cd4e91345f0e5ecf73fbfd41cfd02
SSDEEP

12288:HkzG/Tct7eGvY5fFVO5oZSIUlzQgeM3b5QbiPi3EZr:Hkuclg5fCoEI3MrGbuiE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01c063eeda0453ede514ee7e4317423c

Files

01c063eeda0453ede514ee7e4317423c
.exe windows:5 windows x86 arch:x86

52b308adeda88e297003788efb968497

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsstr
_wcsnicmp
_wtol
_vsnwprintf
wcschr
wcspbrk
iswspace
memmove
wcslen
wcsncmp
towupper
_wcsicmp
wcsrchr
vswprintf
_beginthreadex
_wtoi
iswdigit
wcscmp
_snwprintf
wcsncpy
??3@YAXPAX@Z
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
_purecall
_except_handler3
??2@YAPAXI@Z

mpr

WNetGetConnectionW
WNetGetConnectionA
WNetCancelConnection2W
WNetAddConnection2W

kernel32

CompareStringW
GetDriveTypeA
GetDriveTypeW
QueryDosDeviceA
QueryDosDeviceW
GetWindowsDirectoryW
GetLocaleInfoW
GetLocaleInfoA
GetVersionExW
lstrcpyW
lstrcatW
LoadLibraryW
lstrcpynW
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetFileAttributesW
GetFileAttributesA
lstrlenA
CloseHandle
GetCurrentThreadId
WaitForSingleObject
SetEvent
FlushInstructionCache
GetCurrentProcess
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
SetLastError
GetLastError
FreeLibrary
SetErrorMode
GetProcAddress
GetExitCodeThread
CreateFileW
CreateFileA
DeviceIoControl
GetVersion
GetUserDefaultLangID
CreateThread
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
CreateEventW
CreateEventA
CompareStringA
GetModuleHandleA
GetWindowsDirectoryA
lstrlenW
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
VirtualAlloc
VirtualFree
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter

gdi32

SelectPalette
RealizePalette
RectVisible
SetDIBitsToDevice
StretchDIBits
MaskBlt
StretchBlt
CreateDIBSection
GetDIBColorTable
GetDeviceCaps
GetObjectW
GetObjectType
GetObjectA
CreateICW
CreateICA
GetClipBox
CreateCompatibleDC
SelectClipRgn
SelectObject
OffsetViewportOrgEx
DeleteDC
SetRectRgn
CreateRectRgnIndirect
DeleteObject

user32

MessageBoxA
MessageBoxW
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostThreadMessageA
PostThreadMessageW
RegisterClassExA
RegisterClassExW
UnregisterClassA
UnregisterClassW
RegisterWindowMessageA
SendMessageW
SetWindowLongA
SetWindowLongW
wvsprintfW
GetMonitorInfoA
GetMonitorInfoW
CharNextW
GetCapture
ReleaseCapture
SetCapture
GetFocus
SetFocus
IsWindowVisible
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
PtInRect
MonitorFromRect
WindowFromDC
LoadCursorW
GetWindowTextW
GetWindowTextA
GetWindowLongW
GetWindowLongA
GetMessageW
GetMessageA
GetClassNameA
GetClassLongA
GetClassInfoExW
GetClassInfoExA
DispatchMessageW
DispatchMessageA
DefWindowProcW
DefWindowProcA
CreateWindowExW
CreateWindowExA
GetSystemMetrics
CharNextA
GetCursorPos
MapWindowPoints
CallWindowProcW
CallWindowProcA
BeginPaint
CopyRect
LoadCursorA
OffsetRect
EndPaint
IsChild
ShowWindow
GetClientRect
SetWindowPos
GetParent
GetWindowRect
TranslateMessage
SetParent
IsWindow
DestroyWindow
BringWindowToTop
SendMessageA

advapi32

RegCreateKeyExA
RegCreateKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegCloseKey

ole32

CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance

oleaut32

SysAllocStringLen
RegisterTypeLi
LoadTypeLi
SysAllocString
VariantInit
SysStringLen
SysFreeString

shlwapi

PathGetCharTypeW
PathGetCharTypeA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uu5s
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0_s0
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.8__09
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.65__s
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0kk5s
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.llv1
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.775s
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.785s
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

._05s
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85js0
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85j00
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85sj1
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kajq
Size: 512B - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kjoq
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kjj0q
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.n_m
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o__p
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o__p0
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 282B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52b308adeda88e297003788efb968497

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

mpr

kernel32

gdi32

user32

advapi32

ole32

oleaut32

shlwapi

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 1KB

.uu5s Size: 512B - Virtual size: 182B

.0_s0 Size: 512B - Virtual size: 186B

.8__09 Size: 512B - Virtual size: 128B

.65__s Size: 512B - Virtual size: 194B

.0kk5s Size: 512B - Virtual size: 192B

.llv1 Size: 356KB - Virtual size: 355KB

.775s Size: 512B - Virtual size: 196B

.785s Size: 512B - Virtual size: 202B

._05s Size: 512B - Virtual size: 186B

.85js0 Size: 512B - Virtual size: 202B

.85j00 Size: 512B - Virtual size: 176B

.85sj1 Size: 512B - Virtual size: 204B

.kajq Size: 512B - Virtual size: 198B

.kjoq Size: 512B - Virtual size: 162B

.kjj0q Size: 512B - Virtual size: 216B

.n_m Size: 512B - Virtual size: 204B

.o__p Size: 512B - Virtual size: 214B

.o__p0 Size: 512B - Virtual size: 214B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 282B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 1KB

.uu5s
Size: 512B - Virtual size: 182B

.0_s0
Size: 512B - Virtual size: 186B

.8__09
Size: 512B - Virtual size: 128B

.65__s
Size: 512B - Virtual size: 194B

.0kk5s
Size: 512B - Virtual size: 192B

.llv1
Size: 356KB - Virtual size: 355KB

.775s
Size: 512B - Virtual size: 196B

.785s
Size: 512B - Virtual size: 202B

._05s
Size: 512B - Virtual size: 186B

.85js0
Size: 512B - Virtual size: 202B

.85j00
Size: 512B - Virtual size: 176B

.85sj1
Size: 512B - Virtual size: 204B

.kajq
Size: 512B - Virtual size: 198B

.kjoq
Size: 512B - Virtual size: 162B

.kjj0q
Size: 512B - Virtual size: 216B

.n_m
Size: 512B - Virtual size: 204B

.o__p
Size: 512B - Virtual size: 214B

.o__p0
Size: 512B - Virtual size: 214B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 282B