0cf540980d18ef8a45c11e54016feb85

General

Target

0cf540980d18ef8a45c11e54016feb85
Size

169KB
MD5

0cf540980d18ef8a45c11e54016feb85
SHA1

009c9f94fba7dac34de5573ac8214ffff5cc0175
SHA256

296190279990d1aae148067e133c5611e62b433d4a7cf2d1abb6479601f0e30f
SHA512

69ba585815d9066ff28a4dc3cce415363eabe5d2872dcc393da436e66094fa29fed30dc539cc74f12efb96d964273f0aee389aa430f0c109b85a3c6aa8510fbb
SSDEEP

3072:bj4yADsCRx/xNDOwS7HGoWbAey8Wxg1HO113lko6q0Vjr5vT:bj40CRx/xYwyHx0PoIu15lk1q015

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cf540980d18ef8a45c11e54016feb85

Files

0cf540980d18ef8a45c11e54016feb85
.exe windows:4 windows x86 arch:x86

3df5da016c84bd9a4368a2db3c4ca9b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

LoadLibraryA
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetProcAddress
AddAtomA
FindFirstFileA
SetFilePointer
GetCPInfo
VirtualProtect
WideCharToMultiByte
GetStartupInfoA
lstrcmpiA
GetFileAttributesA
CloseHandle
GetModuleHandleA
DeleteCriticalSection
FreeLibrary
lstrcpynA
MulDiv
ReadFile
LeaveCriticalSection
FreeEnvironmentStringsW
LCMapStringW
GetStringTypeW
IsBadCodePtr
GetTickCount
lstrcmpA
GetOEMCP
lstrcpyA
EnumResourceNamesW
lstrlenA
InitializeCriticalSection
Sleep
GetFullPathNameA
UnhandledExceptionFilter
SetDllDirectoryW
EnterCriticalSection
lstrcatA
GetStringTypeA
GetDiskFreeSpaceA
CreateFileA
SetStdHandle
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
LCMapStringA
GetLastError
GetEnvironmentStrings
FlushFileBuffers
GetThreadLocale
MultiByteToWideChar
GetCurrentThreadId
RaiseException

Sections

.text
Size: 91KB - Virtual size: 490KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3df5da016c84bd9a4368a2db3c4ca9b4

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 91KB - Virtual size: 490KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 75KB - Virtual size: 74KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 91KB - Virtual size: 490KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 512B - Virtual size: 4KB