Static task: static1
Behavioral task: behavioral1
  Sample: 0ad0dc8a83bb830dcd266cca561ed76e.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 0ad0dc8a83bb830dcd266cca561ed76e.exe
  Resource: win10v2004-20231215-en
General
Target: 0ad0dc8a83bb830dcd266cca561ed76e
Size: 59KB
MD5: 0ad0dc8a83bb830dcd266cca561ed76e
SHA1: 9ba4083db8a72001a2621cdc44675259cfa302d4
SHA256: 3723dd9b27666097e48512d0d90c2e4d1ec766148c99b42642310487cbd8442d
SHA512: 239ce857572fcdebbbc34765e424023a38ace00d70e613f974304cc7c722341a39a70c435ab8f14907aad57e001b7b63f346d9400a71782fd33759963bb68865
SSDEEP: 1536:AXfVxaLwh6LDAEraxDCdH/69BRiFPvDB:Atxak6LD7r+wH/XPvDB
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 0ad0dc8a83bb830dcd266cca561ed76e
Files
0ad0dc8a83bb830dcd266cca561ed76e.exe windows:4 windows x86 arch:x86
4d6bf0714699f7100c1343e06ddde2ee
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
ShowCursor
DispatchMessageA
UnhookWinEvent
GetAsyncKeyState
GetWindowWord
SetMenuDefaultItem
EnumDisplayMonitors
InvalidateRgn
EnumClipboardFormats
CharToOemBuffA
DestroyAcceleratorTable
ToUnicodeEx
GetClassWord
CreateWindowExA
IsMenu
PostQuitMessage
GetScrollBarInfo
GetLastActivePopup
DdeNameService
LookupIconIdFromDirectory
DefMDIChildProcA
SendMessageTimeoutA
OemToCharA
CreateIconIndirect
EnableScrollBar
SetScrollInfo
ArrangeIconicWindows
MonitorFromPoint
DdeQueryStringA
MessageBoxA
CheckMenuItem
GetKBCodePage
GetKeyboardLayoutList
IsDialogMessage
ExcludeUpdateRgn
DrawMenuBar
GetMessagePos
GetMenuItemCount
CharNextExA
GetDoubleClickTime
PackDDElParam
DdeEnableCallback
CopyIcon
SetWindowRgn
SetKeyboardState
GetUserObjectSecurity
WinHelpA
DrawCaption
EndMenu
IMPGetIMEA
SetProcessWindowStation
GetClassInfoA
SendIMEMessageExA
UnpackDDElParam
advapi32
ChangeServiceConfigA
AllocateAndInitializeSid
GetTrusteeTypeA
InitializeAcl
CryptDestroyHash
RegQueryValueA
CopySid
PrivilegeCheck
QueryServiceObjectSecurity
ObjectDeleteAuditAlarmA
SetServiceStatus
GetExplicitEntriesFromAclA
RegConnectRegistryA
GetAclInformation
RegFlushKey
FindFirstFreeAce
CryptGenKey
DeregisterEventSource
AddAce
GetSecurityDescriptorControl
CryptContextAddRef
EnumDependentServicesA
OpenEventLogA
BuildSecurityDescriptorA
IsTextUnicode
RegDeleteValueA
GetMultipleTrusteeA
AccessCheck
ControlService
GetSecurityDescriptorOwner
CryptEncrypt
GetSidSubAuthority
RegOpenKeyA
GetNumberOfEventLogRecords
BackupEventLogA
CryptSignHashA
kernel32
Process32Next
Sections
.srav Size: 22KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.fexm Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lqxix Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.arwf Size: 27KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ