0a832fd5eafa4c8d45772728b54d57e9

Sharing

Copy URL Twitter E-mail

General

Target

0a832fd5eafa4c8d45772728b54d57e9
Size

59KB
MD5

0a832fd5eafa4c8d45772728b54d57e9
SHA1

3ec4f24f5ac3668e07cd44212e04f735d81ef9b4
SHA256

a8f15cc9ddbe6f3da97b1d4b4db3d0a0da51e7a6c1309dbf2825b49a369b6fee
SHA512

a292e700b2fe051e80a0d1333446b1585753682e750ba2812a5d0ceea2a9a03bb4542ce09b509a80a918afaae915903201491810c9fecc332a9ba7487b80596b
SSDEEP

768:o8a4PtHlRVR/j+2qJ4N0f3YK7yVv/M2q2oxrkUnW6pUIB6MYhKXCq8/byNjHEqZr:84PffJqA0f3YK7sDwxNVvb90ujZjrDH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a832fd5eafa4c8d45772728b54d57e9

Files

0a832fd5eafa4c8d45772728b54d57e9
.exe windows:4 windows x86 arch:x86

5191db8fc8c8f49c3815157cd1b9995c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BackupSeek
SetConsoleCursorPosition
SetMailslotInfo
lstrcpy
_llseek
CancelIo
DeleteFileA
SetStdHandle
GetPrivateProfileIntA
GetSystemPowerStatus
VirtualQueryEx
IsValidCodePage
GetWindowsDirectoryA
WaitForMultipleObjects
lstrcat
PrepareTape
Module32First
GetProcessVersion
VirtualProtectEx
VirtualFree
ExpandEnvironmentStringsA
Thread32Next
CopyFileA
UnlockFileEx
GetModuleFileNameA
GetDefaultCommConfigA
CommConfigDialogA
EnumSystemLocalesA
InterlockedExchange
GetLongPathNameA
_lread
SetFileApisToOEM
ReleaseSemaphore
ReadConsoleA
WinExec
LocalFileTimeToFileTime
EnumResourceTypesA
SetFilePointer
InterlockedCompareExchange
InterlockedIncrement
_hread
FillConsoleOutputAttribute
LocalAlloc
AreFileApisANSI
WriteFileGather
GlobalFlags
UTRegister
lstrlen
BuildCommDCBA
OpenSemaphoreA
WriteProfileStringA
HeapDestroy
GetDiskFreeSpaceA
LockFileEx
SetCommMask
GetTapeParameters
ReadProcessMemory
GlobalCompact
Beep
TerminateThread
GetProcessAffinityMask
GetCommState

shlwapi

SHIsLowMemoryMachine
SHDeleteValueA
UrlIsOpaqueA
ColorHLSToRGB
SHRegOpenUSKeyA
PathFileExistsA
SHRegCreateUSKeyA
PathMakePrettyA
PathIsRelativeA
StrFormatByteSize64A
SHRegEnumUSKeyA
PathQuoteSpacesA
PathCommonPrefixA
AssocQueryStringA
SHAutoComplete
PathStripToRootA
StrSpnA
PathRemoveBlanksA
StrCSpnA
SHRegWriteUSValueA
PathIsFileSpecA
StrIsIntlEqualA
UrlCombineA
PathAppendA
PathSearchAndQualifyA
StrToIntExA
StrRChrIA
PathIsUNCA

Sections

.nczm
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bah
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avelc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bkf
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5191db8fc8c8f49c3815157cd1b9995c

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.nczm Size: 22KB - Virtual size: 45KB

.bah Size: 5KB - Virtual size: 10KB

.avelc Size: 1024B - Virtual size: 1KB

.bkf Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.nczm
Size: 22KB - Virtual size: 45KB

.bah
Size: 5KB - Virtual size: 10KB

.avelc
Size: 1024B - Virtual size: 1KB

.bkf
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB