0995f49d25d193863b2a049bf0fe147b

Sharing

Copy URL Twitter E-mail

General

Target

0995f49d25d193863b2a049bf0fe147b
Size

113KB
MD5

0995f49d25d193863b2a049bf0fe147b
SHA1

75e622a5313ae83113dea80414f3e0c1b3ef906f
SHA256

f84ba334ca4756281c54b604f22bfb7eda3fa2f2c098e2f880f5d7902eae685d
SHA512

090e3ddbd237c6ccc617efef9c14c26e541df71c01dc998855c884a6ba637f1e04c946c819f1bd4a6f28c5f707a3b4cbbed30684e565a7b0ee8c0aed1df7effc
SSDEEP

1536:1zPsqFtRq1DuS5zhwxeuc5jzyPgF2uwV3SNJB3upiozkWk0wQZ9dAT+P/Bcx12L:1LFt8VhCUF2uwV3SNJ4piJ0wi9dq+XF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0995f49d25d193863b2a049bf0fe147b

Files

0995f49d25d193863b2a049bf0fe147b
.exe windows:4 windows x86 arch:x86

b8a7b2684d4d5c1861b1c23ded6fa3da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentThreadId
GetModuleHandleA
GetProcAddress
VirtualProtect

user32

LoadStringA
MessageBoxA

advapi32

RegQueryValueExA

oleaut32

SysFreeString

ntdll

RtlDecompressBuffer

Sections

K0D3
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VERI
Size: - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MYS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iveri
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nqj
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rveri
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xkua
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oicj
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.ztwc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc1
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8a7b2684d4d5c1861b1c23ded6fa3da

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

ntdll

Sections

K0D3 Size: - Virtual size: 24KB

VERI Size: - Virtual size: 972B

MYS Size: - Virtual size: 1KB

.iveri Size: - Virtual size: 1KB

.nqj Size: - Virtual size: 8B

.rveri Size: 512B - Virtual size: 24B

.xkua Size: - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.oicj Size: - Virtual size: 11KB

.ztwc Size: 47KB - Virtual size: 46KB

.rsrc1 Size: 60KB - Virtual size: 60KB

.reloc Size: 512B - Virtual size: 152B

K0D3
Size: - Virtual size: 24KB

VERI
Size: - Virtual size: 972B

MYS
Size: - Virtual size: 1KB

.iveri
Size: - Virtual size: 1KB

.nqj
Size: - Virtual size: 8B

.rveri
Size: 512B - Virtual size: 24B

.xkua
Size: - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB

.oicj
Size: - Virtual size: 11KB

.ztwc
Size: 47KB - Virtual size: 46KB

.rsrc1
Size: 60KB - Virtual size: 60KB

.reloc
Size: 512B - Virtual size: 152B