0a3c8f7b5a400a35e50d07dd3a19a907

General

Target

0a3c8f7b5a400a35e50d07dd3a19a907
Size

32KB
MD5

0a3c8f7b5a400a35e50d07dd3a19a907
SHA1

f83cf9a08477d7a7a97de8df54c8a2142b529c13
SHA256

3332279ddcf8452b365604ac6025362a471ca27344acb1d9687ea873785d1754
SHA512

c17aa3927785add161d6010ebbf14ed297c95b70d5bb530d384e0e97cbd5b72e04fa16b1a433fe72c563fec5883a1129d0817f635ab9ffac96362ea3fa5c0b1c
SSDEEP

384:CnSoVzoOd25tcbatKBj+yv4ZcnLUYOpXFEIKbO0EWUt+QmP8utPjn2hYZ8gfRIpN:xusm25zwh4Z4fOo9KFMQHqLnxy4C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a3c8f7b5a400a35e50d07dd3a19a907

Files

0a3c8f7b5a400a35e50d07dd3a19a907
.dll windows:4 windows x86 arch:x86

5025bc4c034f7b934bbbf51b769d6a35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AddAtomW
EnumResourceNamesA
EnumTimeFormatsW
EraseTape
ExitProcess
GetComputerNameW
GetConsoleCP
GetConsoleTitleA
GetCurrencyFormatW
GetProfileStringW
GetSystemTime
GetTapeStatus
HeapReAlloc
RtlFillMemory
SetErrorMode
Toolhelp32ReadProcessMemory
UTRegister
VirtualProtectEx
_lclose
_lcreat

user32

ClipCursor
CloseDesktop
CreateAcceleratorTableW
DefMDIChildProcA
DlgDirSelectExA
DragDetect
DrawIconEx
DrawStateW
FlashWindow
GetKeyboardLayout
GetKeyboardLayoutList
GetMenuCheckMarkDimensions
GetMonitorInfoW
GetProcessDefaultLayout
LoadMenuIndirectW
MapDialogRect
MessageBoxW
MsgWaitForMultipleObjectsEx
OemToCharBuffA
SendMessageA
SetClassLongA
SetMenuInfo
SetMenuItemInfoW
SwitchDesktop
UnhookWinEvent
wvsprintfA

gdi32

AbortPath
ArcTo
CombineRgn
CopyEnhMetaFileA
CreateDIBSection
CreateEnhMetaFileA
CreatePenIndirect
EnumFontFamiliesA
ExtEscape
GetEnhMetaFilePaletteEntries
GetGlyphOutlineA
GetKerningPairs
GetMetaFileBitsEx
GetTextAlign
GetTextCharacterExtra
GetTextCharset
MoveToEx
ResetDCW
SetMagicColors
SetMapperFlags
SetWindowOrgEx
WidenPath

Exports

Exports

Update

Sections

.text
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5025bc4c034f7b934bbbf51b769d6a35

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 12KB

.data Size: 24KB - Virtual size: 40KB

.idata Size: - Virtual size: 4KB

.rsrc Size: - Virtual size: 20KB

.text
Size: 4KB - Virtual size: 12KB

.data
Size: 24KB - Virtual size: 40KB

.idata
Size: - Virtual size: 4KB

.rsrc
Size: - Virtual size: 20KB