0d0f9a0df132d127ea729ba7c7004e6e

Sharing

Copy URL Twitter E-mail

General

Target

0d0f9a0df132d127ea729ba7c7004e6e
Size

503KB
MD5

0d0f9a0df132d127ea729ba7c7004e6e
SHA1

411470c9e4a6deab5da1b7fd67bd2b8fd483bd53
SHA256

d857705e2ab0baa3a118fb9e00551cbda92094fba3e6ba7b783fe04b7b8aaf3b
SHA512

df4e79e0cf777319dde469d52fea2b63aa83824bd92ae634c19ae93e733f3c8b44c4d22f0a86732b5ed75f177d2dce2d34f422dc63e88539084622814ae59ed4
SSDEEP

12288:SBXpDYXj++mBPZWajbZbcTJYOOh7YAQf3a0MWdv:yZDLNBP1jbZbOJ+EAQf3aOdv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d0f9a0df132d127ea729ba7c7004e6e

Files

0d0f9a0df132d127ea729ba7c7004e6e
.exe windows:4 windows x86 arch:x86

1cfcf137b155985c5bfa6d5e69e7924b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
RtlUnwind
GetModuleHandleW
EnumSystemLocalesA
SetUnhandledExceptionFilter
GetTimeZoneInformation
VirtualQuery
GetOEMCP
VirtualFree
VirtualAlloc
WriteConsoleW
GetEnvironmentStrings
QueryPerformanceCounter
TerminateProcess
GetConsoleCP
GetSystemTimeAsFileTime
TlsFree
HeapFree
WriteProfileSectionA
SetFilePointer
FlushFileBuffers
GetCPInfo
CompareStringW
SetConsoleCtrlHandler
ReadFile
HeapReAlloc
GetCompressedFileSizeA
WriteFile
GetLocaleInfoA
EnterCriticalSection
GetEnvironmentStringsW
GetStartupInfoA
CreateFileA
CreateMutexA
SetStdHandle
GetCurrentProcessId
GetProcAddress
GetDiskFreeSpaceExW
IsDebuggerPresent
UnhandledExceptionFilter
GetPrivateProfileStringW
CreateThread
InterlockedExchange
FindAtomW
InitializeCriticalSectionAndSpinCount
GetNumberFormatA
VirtualProtect
ReadConsoleOutputW
Sleep
HeapCreate
HeapSize
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetUserDefaultLCID
LCMapStringA
CloseHandle
TlsGetValue
GetCurrentThread
TransmitCommChar
ExitProcess
GetDateFormatA
IsValidLocale
LockFile
GetFileType
FreeLibrary
GetTimeFormatA
GetModuleFileNameA
GetStringTypeA
IsValidCodePage
GetStringTypeW
TryEnterCriticalSection
GetStdHandle
TlsAlloc
HeapDestroy
UnmapViewOfFile
CompareStringA
FreeEnvironmentStringsA
HeapAlloc
WideCharToMultiByte
FreeEnvironmentStringsW
SetLastError
GetCurrentThreadId
TlsSetValue
GetCommandLineA
LoadLibraryA
InterlockedDecrement
WriteConsoleA
GetLastError
LCMapStringW
MultiByteToWideChar
InterlockedIncrement
GetTickCount
GetLocaleInfoW
GetACP
DeleteCriticalSection
OpenMutexA
GetModuleHandleA
SetEnvironmentVariableA
LeaveCriticalSection

user32

SendNotifyMessageW
RegisterClassExA
RegisterClassA
DlgDirSelectExW
SwitchToThisWindow
DefMDIChildProcA
GetProcessWindowStation
ToUnicode
SetActiveWindow
LoadAcceleratorsW
CheckMenuItem
GetDlgCtrlID
GetNextDlgGroupItem
InsertMenuW

comctl32

InitCommonControlsEx

Sections

.text
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cfcf137b155985c5bfa6d5e69e7924b

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 333KB - Virtual size: 333KB

.rdata Size: 54KB - Virtual size: 67KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 333KB - Virtual size: 333KB

.rdata
Size: 54KB - Virtual size: 67KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 7KB - Virtual size: 6KB