0a1f8b07cf9b25fef60a49c7c44611dd

Sharing

Copy URL

Twitter E-mail

General

Target

0a1f8b07cf9b25fef60a49c7c44611dd
Size

284KB
MD5

0a1f8b07cf9b25fef60a49c7c44611dd
SHA1

9e5a8b95ef092e9ea38f2628a4fae36aabea5dcc
SHA256

8e89e74f6ece02c809f459aa095a90044fc98386945a472729ebf0a60600c9d1
SHA512

73b53423b110fc9df48f6a1c31db972042a51032d0ad6846ecab52af08d926ca7efc0e29701bdf717b99bdb6e481d36919425aeb5fb54d9e7bfedd6e6d52884a
SSDEEP

6144:XKU4NiHNuN7bG5hX8C7aSbB80Ha2JZOz2wCP16L:6U4IwGbX8vwB8t2JC2ZG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a1f8b07cf9b25fef60a49c7c44611dd

Files

0a1f8b07cf9b25fef60a49c7c44611dd
.exe windows:4 windows x86 arch:x86

7e8b812cf0fc13573f9b367a25a839e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextW
CryptGetHashParam
CryptHashData
RegOpenKeyExW
RegCloseKey
CryptDestroyHash
RegQueryValueExW
CryptReleaseContext
CryptCreateHash

rpcrt4

UuidCreate

kernel32

GetFileType
FreeLibrary
HeapAlloc
LeaveCriticalSection
FlushViewOfFile
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetCurrentDirectoryW
GetCurrentThreadId
DeleteCriticalSection
CreateFileMappingW
HeapDestroy
GetModuleHandleW
CreateFileW
LocalAlloc
VirtualFree
EnterCriticalSection
GetFileAttributesExW
SetLastError
SystemTimeToFileTime
GetConsoleMode
ExpandEnvironmentStringsW
UnhandledExceptionFilter
UnmapViewOfFile
GetSystemTime
MapViewOfFileEx
GetSystemInfo
ReadFile
IsDebuggerPresent
RaiseException
VirtualAlloc
GetSystemTimeAsFileTime
DeleteFileW
CloseHandle
SetUnhandledExceptionFilter
DeviceIoControl
SetFileAttributesW
GetFileInformationByHandle
SetFilePointer
HeapFree
WideCharToMultiByte
CopyFileW
VirtualAllocEx
LoadLibraryW
SearchPathA
EnumCalendarInfoW
DosDateTimeToFileTime
CreateEventW
SetLocaleInfoW
GetSystemDirectoryA
lstrlen
FatalAppExitA
GetLocalTime
GetLongPathNameA
SearchPathW
GlobalGetAtomNameA
lstrcmpiA
OpenEventA
GetWindowsDirectoryW
RemoveDirectoryW
Beep
EnumCalendarInfoA
lstrcmp
BeginUpdateResourceA
GetWindowsDirectoryA
FindAtomW
GetAtomNameA
EnumTimeFormatsA
MoveFileW
lstrcmpi
GetTimeFormatW
MulDiv
GetTempPathA
CreateSemaphoreA
CreatePipe
GetMailslotInfo
CreateMailslotA
GetDateFormatA
FileTimeToSystemTime
LoadResource
BeginUpdateResourceW
GetVolumeInformationA
GlobalFindAtomW
GetExpandedNameW
GetUserDefaultLCID
OpenMutexW
CreateMutexW
GetCalendarInfoW
lstrcmpW
GetProcessHeap
lstrlenW
SetComputerNameA
QueryPerformanceFrequency
GlobalDeleteAtom
GlobalGetAtomNameW
GetLongPathNameW
GetSystemDirectoryW
GetSystemDefaultLCID
FileTimeToDosDateTime
CopyFileExA

wshrm

WSHGetSockaddrType
WSHGetSocketInformation
WSHGetWildcardSockaddr
WSHOpenSocket2
WSHGetBroadcastSockaddr
WSHJoinLeaf
WSHOpenSocket
WSHNotify

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 246KB - Virtual size: 10.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e8b812cf0fc13573f9b367a25a839e4

Headers

File Characteristics

Imports

advapi32

rpcrt4

kernel32

wshrm

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 369KB

.data Size: 246KB - Virtual size: 10.7MB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 369KB

.data
Size: 246KB - Virtual size: 10.7MB

.rsrc
Size: 11KB - Virtual size: 10KB