0a8a16ca49a707b749fe63ee06d4fb09

Sharing

Copy URL Twitter E-mail

General

Target

0a8a16ca49a707b749fe63ee06d4fb09
Size

2.6MB
MD5

0a8a16ca49a707b749fe63ee06d4fb09
SHA1

9ff5ed1b7543f13cbedab15f0f947330c566ee95
SHA256

6c964b9c71e729237dbc353da9fe91abcf9d981f252b56ff256f6cd3a8ee8140
SHA512

4ded2bf50158afce714fc53d4d34637703e9aa45fe2afa6e4de6c48b1549fe15a92962a1544807e47f4fa7e2de49e3c0afe02e4f4599e36d310dbdf3fddaa306
SSDEEP

24576:Tk9EjwUt73r4agCh4F06M1/1RzJX6QIp5h2cLQkuIxUxGB6YGThejFbmEyAMkOyg:SEj714a1hgM9lbcLxUIkYGomEyAI5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a8a16ca49a707b749fe63ee06d4fb09

Files

0a8a16ca49a707b749fe63ee06d4fb09
.exe windows:4 windows x86 arch:x86

f0b3170cdcac40409c6cee9fdbb4d74a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
ReadConsoleA
FindFirstFileA
GetFileSize
OpenFileMappingA
GetLastError
GetCommandLineA
CopyFileW
ExitThread
CopyFileExA
DeleteAtom
OpenFile
DeleteFileW
CopyFileA
CreateThread
GetStdHandle
CopyFileExW
DeleteFileA
GetFileTime
ReadConsoleW
GetLastError
FindFirstFileA
GetFileSize
ReadConsoleA
CreateThread
GetFileTime
CreateDirectoryA
GetStdHandle
WriteFile
ReadConsoleW
DeleteAtom
GetConsoleMode
ExitThread
DeleteFileW
GetComputerNameA
ReadFile
FindAtomA
CopyFileExA
OpenFileMappingA
GetComputerNameA
DeleteFileW
ReadConsoleW
ExitThread
CreateThread
GetStdHandle
GetCPInfo
FindFirstFileA
FindAtomA
DeleteAtom
Sleep
CopyFileExW
DeleteFileA
OpenFile

advapi32

RegDeleteValueW
RegOpenKeyW
RegEnumKeyExA
RegCreateKeyExA
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExW
RegGetKeySecurity
RegFlushKey
RegEnumKeyExW
RegCreateKeyW
RegDeleteKeyA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyA
RegOpenKeyExW
RegLoadKeyA
RegFlushKey
RegReplaceKeyW
RegOpenKeyW
RegCreateKeyW
RegDeleteValueA
RegQueryValueExA
RegEnumKeyW
RegEnumValueA
RegGetKeySecurity
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyExW

comctl32

ImageList_Remove
InitCommonControls
ImageList_GetIcon
ImageList_EndDrag
ImageList_AddIcon
ImageList_Create
ImageList_GetImageRect
ImageList_DrawEx
ImageList_Replace
ImageList_GetImageCount
ImageList_DragMove
ImageList_LoadImageW
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_DragShowNolock
ImageList_AddMasked
ImageList_Merge
ImageList_GetImageInfo
ImageList_Destroy
ImageList_DragShowNolock
ImageList_DragMove
ImageList_GetIconSize
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Create
ImageList_Draw
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_DrawEx
ImageList_Copy
ImageList_AddIcon
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_Remove

Sections

.text
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbs
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 2.3MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dYMQed
Size: 4KB - Virtual size: 59B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0b3170cdcac40409c6cee9fdbb4d74a

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

Sections

.text Size: 264KB - Virtual size: 260KB

.jdata Size: 8KB - Virtual size: 5KB

.vdata Size: 8KB - Virtual size: 5KB

.bbs Size: 4KB - Virtual size: 1KB

.jdata Size: 2.3MB - Virtual size: 4.9MB

.dYMQed Size: 4KB - Virtual size: 59B

.rdata Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 264KB - Virtual size: 260KB

.jdata
Size: 8KB - Virtual size: 5KB

.vdata
Size: 8KB - Virtual size: 5KB

.bbs
Size: 4KB - Virtual size: 1KB

.jdata
Size: 2.3MB - Virtual size: 4.9MB

.dYMQed
Size: 4KB - Virtual size: 59B

.rdata
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 4KB