0c046c3dcc256327ee461aa5ffe9ea6a

Sharing

Copy URL

Twitter E-mail

General

Target

0c046c3dcc256327ee461aa5ffe9ea6a
Size

332KB
MD5

0c046c3dcc256327ee461aa5ffe9ea6a
SHA1

65685aa3fa515b63994dc74fa5569c3c060fa6a0
SHA256

6fb6fbc925ade4ca5155f171df86caf212de82cec61adfc793c74176b5702071
SHA512

cd3d5233451347fe24b20aa93d921f8907d3cfa440052c2a3c9c2b20a4f0aaa7c05a4b5e0f4027160e80e48d3968d579d4e41f92045af9bf41bace00e6e50e65
SSDEEP

6144:ESDlRrFSt0BAFiptt+NL7CdZRU26i9SdQCxhu+smEHGgpAAMVvwzkPxvhL7nBuSw:EuQxFiBkyhU2l9o/vOG0jMVYQVhr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c046c3dcc256327ee461aa5ffe9ea6a

Files

0c046c3dcc256327ee461aa5ffe9ea6a
.exe windows:4 windows x86 arch:x86

949b86a7cb8ff504dea64c5dfe79f28d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
GetConsoleHardwareState
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetExitCodeProcess
FindFirstFileW
CopyFileW
FindNextFileW
SetFileAttributesW
MoveFileW
FindClose
SetLastError
OpenProcess
UnregisterWaitEx
RegisterWaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FormatMessageW
GetTickCount
CreateEventW
CreateThread
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
ResetEvent
SetEvent
GetFileAttributesExW
ReleaseMutex
WaitForMultipleObjects
CreateMutexW
CloseHandle
WaitForSingleObject
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
LocalAlloc
LocalFree
GetLastError
InterlockedDecrement
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime
TerminateProcess
DeleteFileW
RemoveDirectoryW
SetEnvironmentVariableW
DisableThreadLibraryCalls
DebugBreak
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
OpenEventW
CreateSemaphoreW
ReleaseSemaphore
GetSystemDirectoryW
GetModuleHandleW
GetModuleFileNameW
CreateFileW
GetLocalTime
CreateDirectoryW
CreateTimerQueueTimer
ChangeTimerQueueTimer
DuplicateHandle
GetFileAttributesW
ExpandEnvironmentStringsW
GetCurrentThread
CreateProcessW
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
TlsAlloc
TlsGetValue
TlsFree
TlsSetValue
HeapCreate
HeapSize
HeapValidate
HeapReAlloc
HeapDestroy
SwitchToThread
DeleteTimerQueueTimer
TryEnterCriticalSection
InitializeCriticalSection
LocalFileTimeToFileTime
SystemTimeToFileTime
CompareFileTime

oleaut32

DispInvoke
CreateErrorInfo
OleSavePictureFile
SafeArrayAllocDescriptorEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 214KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

949b86a7cb8ff504dea64c5dfe79f28d

Headers

File Characteristics

Imports

kernel32

oleaut32

msimg32

Sections

.text Size: 214KB - Virtual size: 261KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 114KB - Virtual size: 113KB

.text
Size: 214KB - Virtual size: 261KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 114KB - Virtual size: 113KB