0d289d9e33d4f101e835cf65ddee9e73

Sharing

Copy URL Twitter E-mail

General

Target

0d289d9e33d4f101e835cf65ddee9e73
Size

85KB
MD5

0d289d9e33d4f101e835cf65ddee9e73
SHA1

bd15c142eb7a1090ccead35f50af0d3db0c84c53
SHA256

71a07caee2b9cbbc7a2a26d7f4ea8ba46d93788ed455c18a6ccba1bec6de3bfc
SHA512

7182f66d13cff7e7670aaa32e3a79fb214889d54cc2ed0f437c86e88fb97712a028dec9bc7099b1c88b0619be917f205fd620c99abbba87db320701eb27adda5
SSDEEP

1536:balqZHDgwTxlFfUN+yKsbAwebWwWa8wlVh8c55:JFluL9wWa8A8cj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d289d9e33d4f101e835cf65ddee9e73

Files

0d289d9e33d4f101e835cf65ddee9e73
.exe windows:4 windows x86 arch:x86

c6d6438c256837ae36cc15324ca637be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyW
RegQueryValueExW
RegGetKeySecurity
RegCreateKeyExW
RegReplaceKeyA
RegEnumKeyA
RegQueryValueA
RegQueryValueW
RegOpenKeyExW
RegLoadKeyW
RegEnumKeyExA
RegLoadKeyA
RegOpenKeyW
RegDeleteValueW
RegDeleteKeyW
RegEnumValueA
RegQueryInfoKeyW
RegOpenKeyA
RegEnumValueW
RegFlushKey
RegCreateKeyW
RegDeleteKeyA
RegEnumKeyExW
RegOpenKeyExA
RegDeleteValueA
RegQueryValueExA
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumKeyW
RegReplaceKeyW
RegOpenKeyExW
RegOpenKeyA
RegCreateKeyExW
RegReplaceKeyA
RegDeleteValueW
RegDeleteValueA
RegEnumKeyW
RegDeleteKeyW
RegEnumValueW
RegQueryInfoKeyW
RegLoadKeyW
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA
RegDeleteKeyA
RegEnumKeyExW
RegCreateKeyW
RegCreateKeyExA
RegQueryValueExW
RegGetKeySecurity
RegLoadKeyA
RegQueryValueExA
RegFlushKey
RegQueryValueW
RegQueryValueA
RegOpenKeyExA
RegOpenKeyW
RegEnumKeyExA

user32

DrawTextW
GetCursor
DialogBoxParamA
IsWindow
DrawIconEx
DrawTextA
GetFocus
CloseWindow
InsertMenuA
CalcMenuBar
AppendMenuW
DrawIcon
GetDC
AlignRects
CopyIcon
GetWindowTextA
GetWindowTextLengthA
EndDialog
DialogBoxParamW
AppendMenuA
CopyImage
LoadMenuA
LoadCursorA
BlockInput
GetDlgItem
CopyRect
GetMenu
CreateIcon
IsMenu

kernel32

GetCommandLineA
FreeLibrary
GetCommandLineA
GlobalFree
GetCommandLineA
Sleep
GetCommandLineA
GetStringTypeW
GetCommandLineA
lstrlenA
GetCommandLineA
GetModuleHandleA
GetCommandLineA
ExitProcess
GetCommandLineA
GetLocalTime
GetCommandLineA
GetLastError
GetCommandLineA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d3ta
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r60ta
Size: 10KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.b5s
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.rs2c
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6d6438c256837ae36cc15324ca637be

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 14KB - Virtual size: 13KB

.d3ta Size: 49KB - Virtual size: 48KB

.r60ta Size: 10KB - Virtual size: 85KB

.b5s Size: - Virtual size: 2KB

.rs2c Size: 6KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 14KB - Virtual size: 13KB

.d3ta
Size: 49KB - Virtual size: 48KB

.r60ta
Size: 10KB - Virtual size: 85KB

.b5s
Size: - Virtual size: 2KB

.rs2c
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 4KB