0a18401b8427659d0f468a2b9d46a18c

General

Target

0a18401b8427659d0f468a2b9d46a18c
Size

46KB
MD5

0a18401b8427659d0f468a2b9d46a18c
SHA1

e175f2e627b6c583e2347544dbc8d2b3ddc08f73
SHA256

8de401bab79efbf1696786a501f43633abfcecf3f9701c742211e2754a7b1706
SHA512

3e1c8baffacf4a784cd55804f74ea9e41c16ac0932cf759dbec1b2d7b641ad1d85ecf3ff2cb587ea84fb9edaccd3cdabd56e3bf09935c38cdfce4ee2e1fec396
SSDEEP

768:utBSQcTUFGuhosvB5bPgic5kMKYl1KjaM1gi/Br62xfenKl5Br+SlwurCqc:u3SQcgjB9yYWM1P0KNIur

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a18401b8427659d0f468a2b9d46a18c

Files

0a18401b8427659d0f468a2b9d46a18c
.exe windows:5 windows x86 arch:x86

d2c8ad9ba149e5c8cb67f9b0f57ffa80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
UnmapViewOfFile
SetThreadPriority
CreateMutexW
SetEndOfFile
LeaveCriticalSection
GetFileSizeEx
SetLastError
WriteProcessMemory
CreateProcessW
GetModuleFileNameA
GlobalUnlock
MapViewOfFile
InitializeCriticalSection
GetExitCodeProcess
lstrcpynW
GetModuleHandleA
ReleaseMutex
lstrcpyA
GetLogicalDrives
GetTimeZoneInformation
WriteFile
OpenMutexW
OpenProcess
GetFileSize
Sleep
GetProcessHeap
SystemTimeToFileTime
lstrlenA
GetCurrentThreadId
ResetEvent
CreateDirectoryW
GetUserDefaultUILanguage
GetProcessTimes
GetFileTime
WaitForSingleObject
FindNextFileW
GetVersionExW
HeapAlloc
GetTickCount
HeapFree
lstrlenW
GlobalLock
CreateEventW
HeapReAlloc
lstrcatA
FlushFileBuffers
GetCommandLineA
FindClose
DisconnectNamedPipe
GetDriveTypeW
WideCharToMultiByte
lstrcmpiW
MoveFileExW
FindFirstFileW
EnterCriticalSection
MultiByteToWideChar
CreateThread
GetLocalTime
GetCurrentProcessId
GetComputerNameW
IsBadReadPtr
lstrcpyW
CloseHandle
GetSystemTimeAsFileTime
CopyFileW
GetLastError
GetThreadPriority
FindResourceW
SetFilePointer
SetFileTime
ReadFile
lstrcmpiA
GetSystemTime
GetTempFileNameW
SetFileAttributesW
SetEvent
lstrcatW
ExpandEnvironmentStringsW
DeleteFileW
CreateFileMappingW
GetTempPathW
CreateFileW

user32

GetForegroundWindow
GetMessageW
SetProcessWindowStation
GetWindowLongW
MsgWaitForMultipleObjects
GetClassNameW
GetKeyboardState

Sections

.uperqz
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.butqx
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jwn
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2c8ad9ba149e5c8cb67f9b0f57ffa80

Headers

File Characteristics

Imports

kernel32

user32

Sections

.uperqz Size: 36KB - Virtual size: 56KB

.butqx Size: 1KB - Virtual size: 4KB

.jwn Size: 7KB - Virtual size: 76KB

.uperqz
Size: 36KB - Virtual size: 56KB

.butqx
Size: 1KB - Virtual size: 4KB

.jwn
Size: 7KB - Virtual size: 76KB