0a411f05c26a4e4a78dc0c96b9584042

General

Target

0a411f05c26a4e4a78dc0c96b9584042
Size

66KB
MD5

0a411f05c26a4e4a78dc0c96b9584042
SHA1

08d1db32102f8a7409c89fed0b24f8d08b1bdc1b
SHA256

d2497f34d4b1142e6051b22fd6c222384fe586c6db1dcc790c737e06ef356804
SHA512

45dd80a65ef901fb6a035b1d86bda93ca169b3781c1c7e7841077b05e212febafe59855133696b1e42a53bc60a3d9f0cbfcca8cd415208a8b86f64dc8dd0634a
SSDEEP

1536:hZAO56KpPHElPjawdm0UTdx0Q/nJDDztyoh88YXQM:hZW0Elzoxw688YX5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a411f05c26a4e4a78dc0c96b9584042

Files

0a411f05c26a4e4a78dc0c96b9584042
.exe windows:4 windows x86 arch:x86

2aaeb3530fc36413a8537de8954f643f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
lstrcatA
GetCurrentProcessId
ExitThread
FreeLibrary
GetProcAddress
LoadLibraryA
LoadLibraryW
GetLastError
HeapFree
GetProcessHeap
HeapAlloc
WaitForMultipleObjects
CloseHandle
GetSystemDirectoryA
GetFileAttributesA
GetCurrentDirectoryA
GetWindowsDirectoryA
SetEvent
lstrlenA
lstrcmpA
CreateThread
PulseEvent
GetModuleHandleW
CreateEventA
CreateMutexW
MultiByteToWideChar
CreateProcessA
WriteFile
GetModuleHandleA
FindClose
FindNextFileA
FindFirstFileA
CreateFileA
ReleaseMutex
lstrcpyA
SizeofResource
LoadResource
FindResourceA
WaitForSingleObject
ResetEvent

user32

wsprintfA
GetForegroundWindow

advapi32

RegCreateKeyExA
RegSetValueExA
RegNotifyChangeKeyValue
InitializeSecurityDescriptor
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

OleInitialize
OleUninitialize

shell32

SHGetFolderPathA

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2aaeb3530fc36413a8537de8954f643f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 516B

.rsrc Size: 62KB - Virtual size: 61KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 516B

.rsrc
Size: 62KB - Virtual size: 61KB