0bd7e9e2fe60c1469a0516cbc3ee5498

General

Target

0bd7e9e2fe60c1469a0516cbc3ee5498
Size

41KB
MD5

0bd7e9e2fe60c1469a0516cbc3ee5498
SHA1

23d2e3eefc50df51edb1740c3d792ca41006c3c6
SHA256

a4715c44792642dcf8eeed1a480d5a3c043ff2a911acbcfa4e20f2811dea313b
SHA512

88fd0d42b73fcb0b5caa784af80125a3819f00e5f77f79bdb67b0d58c9fa3f4a30e03e6069863cd58667478578630b7078fce0309ef28f3ba160a22e90ad5989
SSDEEP

768:xgCjZBF1eRGaC63V2rAuRb0aKFIFXfw5d//rnuH1fFpyqEI:xt7F1eRJ/nQYaKewdLuH135E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bd7e9e2fe60c1469a0516cbc3ee5498

Files

0bd7e9e2fe60c1469a0516cbc3ee5498
.exe windows:4 windows x86 arch:x86

1cc6ba130395a61dd8ff9ed6759f4993

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeW
CreateConsoleScreenBuffer
CreateNamedPipeA
ExitProcess
FindAtomA
GetCommandLineW
GetFileType
GetLocalTime
GetModuleFileNameA
GetPrivateProfileIntA
GetQueuedCompletionStatus
GetStartupInfoA
GetTempFileNameA
IsProcessorFeaturePresent
LocalLock
MoveFileW
OpenEventW
ScrollConsoleScreenBufferW
SearchPathW
SetEndOfFile
SetFileAttributesA
SetFilePointer
SetThreadPriority
SetWaitableTimer
VerLanguageNameW
WriteConsoleOutputCharacterW

user32

CallMsgFilter
CharNextW
CreateWindowExW
DdeClientTransaction
DdeDisconnectList
DdeQueryStringW
DestroyCursor
DlgDirListA
DrawCaption
EnumDisplayDevicesA
FillRect
GetAsyncKeyState
GetDlgItemInt
GetListBoxInfo
GetTopWindow
InflateRect
IsChild
MapVirtualKeyExW
PostMessageA
PostMessageW
PostQuitMessage
RedrawWindow
RegisterDeviceNotificationA
RemovePropA
ReplyMessage
SetDebugErrorLevel

gdi32

AnimatePalette
ChoosePixelFormat
CreateDIBitmap
EnumFontsW
EnumICMProfilesA
FloodFill
GdiFlush
GetCharWidthA
GetColorAdjustment
GetGlyphOutlineW
GetKerningPairsW
GetObjectW
GetTextCharsetInfo
GetTextExtentExPointW
GetWinMetaFileBits
GetWindowOrgEx
LineTo
OffsetClipRgn
OffsetViewportOrgEx
ResetDCA
SelectClipRgn
SelectObject
SetBkColor
SetICMMode
SetWindowExtEx
StartDocA
gdiPlaySpoolStream

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cc6ba130395a61dd8ff9ed6759f4993

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 12KB

.data Size: 39KB - Virtual size: 60KB

.idata Size: - Virtual size: 12KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 12KB

.data
Size: 39KB - Virtual size: 60KB

.idata
Size: - Virtual size: 12KB

.rsrc
Size: - Virtual size: 4KB