0a7a4a18e00d5171509789a7af33f9c7

General

Target

0a7a4a18e00d5171509789a7af33f9c7
Size

871KB
MD5

0a7a4a18e00d5171509789a7af33f9c7
SHA1

d24ebe4d5f435a33baec083a06ff47fc1a13539b
SHA256

aaed3257c6e033ee9d6b07f7776376961e49cfefa922282a5dac977c65a27725
SHA512

5f7e63fd5d40ed5274e318c42a0670c851626832f97fa8f9043e25d5b495b5e8aa834dd940516ec5b22aac76886733994e8717577ace99e07e347040697f922c
SSDEEP

24576:+X2BLOtAKxxcxxfhd53eWsXRStfFms2P1pbUdc+xp3qiz64DZ:+X2ItAaG5veVXRStEP1pMc+xp3qiz64D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a7a4a18e00d5171509789a7af33f9c7

Files

0a7a4a18e00d5171509789a7af33f9c7
.exe windows:4 windows x86 arch:x86

0248f4f8410a4bd6018cbd7999ea8605

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GetLogicalDriveStringsW
lstrcmpiW
WriteProfileSectionW
WinExec
GetConsoleScreenBufferInfo
WriteConsoleOutputAttribute
lstrlenA

gdi32

DescribePixelFormat
SetBkMode
Pie
GetMetaFileA
CreateEllipticRgnIndirect
CreateDCW
GetRgnBox
GetCurrentObject
GetCharWidthA
SetFontEnumeration
ColorCorrectPalette
SetRectRgn
EndDoc
PolyBezierTo
StretchBlt
SetMetaRgn
SaveDC
GetGlyphOutlineA
CreateDIBitmap
GetColorAdjustment
SetTextAlign
GetTextCharacterExtra
Arc
LineTo
CreateColorSpaceA
ExtTextOutA
ExtFloodFill
DeviceCapabilitiesExW
LPtoDP
PolyPolyline
PolylineTo
AddFontResourceW
CreateCompatibleBitmap
GetObjectA
StrokeAndFillPath
GetTextMetricsA
SetLayout
CombineRgn

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 483KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0248f4f8410a4bd6018cbd7999ea8605

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 99KB - Virtual size: 99KB

.data Size: 273KB - Virtual size: 273KB

.reloc Size: 14KB - Virtual size: 14KB

.bss Size: 483KB - Virtual size: 484KB

.text
Size: 99KB - Virtual size: 99KB

.data
Size: 273KB - Virtual size: 273KB

.reloc
Size: 14KB - Virtual size: 14KB

.bss
Size: 483KB - Virtual size: 484KB