0d14ab9fcf688735823272c3f553edaa

General

Target

0d14ab9fcf688735823272c3f553edaa
Size

214KB
MD5

0d14ab9fcf688735823272c3f553edaa
SHA1

a72a23b5f7b67efad221e9370d88eae5d93f8301
SHA256

f7294558a6e8a0655cf6bf5905f88de62c4e46cf72c559ab00215a5447d07d82
SHA512

89eca92be3b0fb3368c1f35d623d5338776b644ccbc4b2c42bbd051be43667c3f0c0b0645a8a8e0c81dc742efae616b6eac49482da05fd995b75b0043b5ed117
SSDEEP

6144:pmNMOYEkyr8NgJXtUnlSWH0XDK8aOW66FlOPnfy:peTYtyYgJ2+K8aj/lOffy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d14ab9fcf688735823272c3f553edaa

Files

0d14ab9fcf688735823272c3f553edaa
.exe .ps1 windows:5 windows x86 arch:x86 polyglot

b8c3b705e19268c3402911aa00d9974f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ctl3rivs

_Mbrtowc
_FXbig
_LXbig
_Getcvt
_FExp
_Nan
_LPoly
_FDenorm
_Strxfrm

gdi32

EnumFontsA
StretchDIBits
CreateRectRgnIndirect
GetDIBColorTable
GetBrushOrgEx
SetWinMetaFileBits
Rectangle
GetTextExtentPointA
GetTextMetricsA
CreateHalftonePalette
LineTo
CreateFontA
ExcludeClipRect

ntdll

NtExtendSection
NtQuerySystemTime
NtOpenFile
NtQuerySection
NtCreateTimer
NtMapViewOfSection
NtOpenEventPair
NtQueryInformationThread
NtOpenMutant
NtClearEvent

kernel32

CreateMutexW
ExitProcess
OutputDebugStringA
GlobalUnlock
DeleteCriticalSection
VirtualAlloc
FreeLibrary
GetTickCount
SleepEx
GetPriorityClass
InterlockedDecrement
ReleaseMutex
CreateFileW
Sleep
WideCharToMultiByte
GetWindowsDirectoryW
GetCurrentThreadId
CloseHandle
MulDiv
lstrlenW
FindNextVolumeW
CloseHandle
WaitForSingleObject
GetFileAttributesW
FindClose
GetQueuedCompletionStatus
GetLocaleInfoW
LeaveCriticalSection
HeapSetInformation
UnhandledExceptionFilter

user32

TrackPopupMenuEx
ModifyMenuW
CallNextHookEx
KillTimer
FlashWindow
SetCursor
GetClipboardData
CreateAcceleratorTableW
CloseClipboard
GetCursorPos
InflateRect
InsertMenuW
CharNextW
RegisterClipboardFormatW
GetSysColorBrush
GetWindowThreadProcessId
LoadStringW
SendMessageA
GetMessagePos
GetClassNameW
GetWindowLongA
GetClientRect
DrawEdge

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8c3b705e19268c3402911aa00d9974f

Headers

DLL Characteristics

File Characteristics

Imports

ctl3rivs

gdi32

ntdll

kernel32

user32

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 120KB - Virtual size: 119KB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 120KB - Virtual size: 119KB

.rsrc
Size: 36KB - Virtual size: 36KB