0d2b7aeb127553d445264240c1fd3251

General

Target

0d2b7aeb127553d445264240c1fd3251
Size

150KB
MD5

0d2b7aeb127553d445264240c1fd3251
SHA1

aa20c71b7f3ce7f6c8ac2910404658d9751e20c2
SHA256

eb9b1ba0591ed93c2094741b1a7ff0ea8b5d6f74933d6d860eed512d6c6fc141
SHA512

316ee9c54802679a8af9f634817efca2fe4e4205ca308c7ac04f4870edc41fc06e8acf7842af6efd3efebe591b277b91d07300b86788372fbc349377c2ceb81b
SSDEEP

3072:g9uif5ZA6qwrrWtcWbNIIhE+wVMC2X9CxCDMfa+1wQ9CD:gnAOW2WbiIe+wVJe9dQfa+19

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d2b7aeb127553d445264240c1fd3251

Files

0d2b7aeb127553d445264240c1fd3251
.exe windows:5 windows x86 arch:x86

b6f948ee4ed63d17467cfdfde9a3a3a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtOpenEventPair
NtOpenSection
NtCreateSection
NtCancelTimer
NtMapViewOfSection
NtCreateMutant
NtOpenSemaphore
NtQueryInformationFile

msvcrt

_controlfp
wcsstr
_exit
fread
_purecall
free

apcuert2

_LXbig
_LRteps
_LCosh
_FDenorm
_FEps
_Strxfrm
_Cosh
_FInf

user32

CallWindowProcW
IsMenu
RedrawWindow
TranslateAcceleratorW
GetWindowPlacement
GetMonitorInfoW
InvalidateRgn
IsWindow
GetMenuItemID
DefWindowProcW
EnableWindow
BeginPaint
DrawFrameControl
EndPaint
SetDlgItemTextW
GetCapture
GetWindowDC
CharLowerW
CreateDialogParamW
SetWindowsHookExW
LockWindowUpdate
DialogBoxParamW

gdi32

CreateCompatibleBitmap
GetStockObject
GetTextExtentPoint32W
SetBkMode
CreateCompatibleDC
EnumFontFamiliesExW

kernel32

SleepEx
GetPriorityClass
LocalFree
GlobalFree
SetEvent
SetLastError
GlobalAlloc
CreateIoCompletionPort
HeapFree
GetCurrentThreadId
CloseHandle
CreateFileW
GetModuleFileNameW
GetCommandLineW
HeapDestroy
InterlockedDecrement
EnumUILanguagesW
InterlockedIncrement
FormatMessageW
GetCurrentThreadId
VirtualAllocEx
GetFileAttributesW
HeapSetInformation
GetVersion
ExitProcess

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6f948ee4ed63d17467cfdfde9a3a3a9

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

msvcrt

apcuert2

user32

gdi32

kernel32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 33KB - Virtual size: 32KB

.rsrc Size: 97KB - Virtual size: 100KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 33KB - Virtual size: 32KB

.rsrc
Size: 97KB - Virtual size: 100KB