0c2b9b5c950093b930c094caa368b139

Sharing

Copy URL Twitter E-mail

General

Target

0c2b9b5c950093b930c094caa368b139
Size

132KB
MD5

0c2b9b5c950093b930c094caa368b139
SHA1

f86e4e794e78a53a723408a7325104f1b9e044bf
SHA256

cef29989f4391a1c829ad2b04508ac4679dbbfcba4a3f172e9f9b33808e75727
SHA512

6b515e58793b0c610e7e0e52c8188d7ebc7339e7f804e674439841c191f787c497f1b3d710a5c8d8272d8b3b85c3eb4479bfbf7eb2ad54bd3eb4cd7986b9471b
SSDEEP

3072:KsApanFSQJWpUu/WwD3+vjA4M/WruzP6sW:KsApgFKtD3UjA4M/WrUy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c2b9b5c950093b930c094caa368b139

Files

0c2b9b5c950093b930c094caa368b139
.exe windows:4 windows x86 arch:x86

7397efe62e46be361e061357f3fcfe7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
CharNextA
GetParent
TranslateMessage
GetDesktopWindow

gdi32

RectVisible
DeleteObject
RestoreDC
GetTextMetricsA
PatBlt
LineTo
SelectPalette
GetClipBox
CreateCompatibleDC
SetTextAlign
SelectObject
GetObjectA
SetMapMode
GetStockObject
SetTextColor
SaveDC
DeleteDC
CreatePen
CreateFontIndirectA
SetStretchBltMode
CreateSolidBrush
GetDeviceCaps
CreatePalette
SetPixel
GetPixel

kernel32

lstrlenW
GetModuleHandleW
GetCurrentProcess
GetModuleHandleA
GetUserDefaultLangID
lstrcmpA
GlobalFindAtomW
GetThreadLocale
IsDebuggerPresent
GetCurrentThread
GetDriveTypeA
VirtualAlloc
GetOEMCP
CopyFileA
VirtualFree
GetCurrentThreadId
lstrlenA
GlobalFindAtomA
GetCurrentProcessId
GetVersion
RemoveDirectoryA
GetProcessHeap
GetACP
lstrcmpiW
GetStartupInfoA
DeleteFileW
DeleteFileA
GetTickCount
MulDiv
lstrcmpiA
SetCurrentDirectoryA
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetConsoleOutputCP
RemoveDirectoryW

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sbtbqag
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nericuk
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

moimdqt
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ibaltxf
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

furwsgh
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7397efe62e46be361e061357f3fcfe7e

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 32KB - Virtual size: 60KB

sbtbqag Size: - Virtual size: 32KB

nericuk Size: - Virtual size: 32KB

moimdqt Size: - Virtual size: 32KB

ibaltxf Size: - Virtual size: 32KB

furwsgh Size: - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 32KB - Virtual size: 60KB

sbtbqag
Size: - Virtual size: 32KB

nericuk
Size: - Virtual size: 32KB

moimdqt
Size: - Virtual size: 32KB

ibaltxf
Size: - Virtual size: 32KB

furwsgh
Size: - Virtual size: 4KB