0c0a8f8612be85f07cd48eb9e37039e0

General

Target

0c0a8f8612be85f07cd48eb9e37039e0
Size

23KB
MD5

0c0a8f8612be85f07cd48eb9e37039e0
SHA1

fd6888eb15dc669a1f2757f9ffb4fb0017ad7885
SHA256

b7c071f5e6339b5785c8e1b2f8c4a30fc3da209521219cd448674efb4b291add
SHA512

957cb5a583a6efd7eb2d2ea34dca45f417d22dfc151a2d1fa5bc565ef54226a4c01b22b8562eb5f4d27fb7f97aef1a441d804ed1c69e5476a422ee59c374be75
SSDEEP

384:eVNAZ6/iOftrSDHHkGYzyNTXReXHCGP3OBtFGYT1P:5ERtrSDnkmzRRMEYG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c0a8f8612be85f07cd48eb9e37039e0

Files

0c0a8f8612be85f07cd48eb9e37039e0
.exe windows:4 windows x86 arch:x86

f8fd77f43496cf1c844763ae6d64aa29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetLastError
DeviceIoControl
FreeLibrary
GlobalFree
LoadLibraryExA
GlobalAlloc
GetProcAddress
GetModuleHandleA
ReadFile
GetFileSize
lstrcatA
Sleep
LoadResource
GetDriveTypeA
SetLocalTime
GetLocalTime
TerminateProcess
OpenProcess
FindNextFileA
FindFirstFileA
CopyFileA
GetFileAttributesA
CreateThread
DeleteFileA
ExitProcess
CreateMutexA
SizeofResource
GetCurrentProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
GetSystemDirectoryA
SetFileAttributesA
CreateFileA
WriteFile
CloseHandle
GetModuleFileNameA
GetTickCount
GetStartupInfoA
CreateProcessA

user32

SetTimer
GetWindowTextA
PostMessageA
FindWindowA
GetParent
WindowFromPoint
GetCursorPos
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
SendMessageA
UpdateWindow
ShowWindow
RegisterClassA
CreateWindowExA

advapi32

RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
ControlService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
StartServiceA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

shlwapi

PathFileExistsA

msvcrt

fclose
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
rename
strstr
remove
printf
_filbuf
fseek
sprintf
strrchr
??2@YAPAXI@Z
??3@YAXPAX@Z
strncpy
fgets
fprintf
fopen
_stricmp
_controlfp

Sections

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8fd77f43496cf1c844763ae6d64aa29

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

urlmon

shlwapi

msvcrt

Sections

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 2KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 2KB - Virtual size: 2KB