0c47cbfdef7329e8b88a4539423732ad

General

Target

0c47cbfdef7329e8b88a4539423732ad
Size

64KB
MD5

0c47cbfdef7329e8b88a4539423732ad
SHA1

8fd7fbb9c5e8c0810e9ab1ad6e57c84280b452b1
SHA256

532b4c0b1ed0eaa8e473c04c1d44327ed6346e78d1f7ac2f65efb2f8c3c43ac6
SHA512

d616f814b0d933dc28165eaf2446eb3a07ae437b5fbc3da6616ad41f1cc8db1a42784bccd010c4f45d4295f45236ea15b004a90e7c08275b446ecaf5a834b924
SSDEEP

1536:/rut8yrZmJzVT6fOcRATfB8oh3e0LsABV1:qtr1szNseTfBDFe0Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c47cbfdef7329e8b88a4539423732ad

Files

0c47cbfdef7329e8b88a4539423732ad
.exe windows:5 windows x86 arch:x86

cc0de40500964a3913b95416829f80aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SetThreadPriority
CopyFileW
DisconnectNamedPipe
WriteProcessMemory
FindNextFileW
IsBadReadPtr
GlobalUnlock
UnmapViewOfFile
lstrcmpiA
OpenMutexW
lstrcpyA
GetProcessHeap
GetDriveTypeW
FindClose
GetCommandLineA
GetFileSize
GetModuleFileNameA
GetLastError
SystemTimeToFileTime
lstrcmpiW
GetTempPathW
CreateProcessW
lstrlenW
GetFileTime
lstrcatW
lstrcatA
GetModuleFileNameW
FindResourceW
InitializeCriticalSection
LeaveCriticalSection
CreateThread
GetLogicalDrives
GetThreadPriority
CloseHandle
GetLocalTime
GetComputerNameW
MultiByteToWideChar
GlobalLock
GetProcessTimes
GetTempFileNameW
CreateDirectoryW
ResetEvent
SetLastError
MoveFileExW
CreateFileMappingW
HeapReAlloc
WriteFile
ExpandEnvironmentStringsW
lstrlenA
FindFirstFileW
GetCurrentThreadId
WaitForSingleObject
OpenProcess
Sleep
GetSystemTimeAsFileTime
HeapAlloc
CreateMutexW
SetFileTime
MapViewOfFile
CreateFileW
GetCurrentProcessId
GetVersionExW
ReleaseMutex
SetEndOfFile
DeleteFileW
HeapFree
GetSystemTime
SetEvent
GetTimeZoneInformation
CreateEventW
lstrcpynW
GetModuleHandleA
FlushFileBuffers
SetFilePointer
GetTickCount
GetFileSizeEx
EnterCriticalSection
lstrcpyW
GetExitCodeProcess
SetFileAttributesW
GetUserDefaultUILanguage
WideCharToMultiByte

user32

GetKeyboardState
CloseDesktop
CloseWindowStation
CharLowerBuffA
GetMessageA
GetForegroundWindow
GetDlgItemTextW

Sections

.udefev
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xajop
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zwjgr
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obihkv
Size: 28KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc0de40500964a3913b95416829f80aa

Headers

File Characteristics

Imports

kernel32

user32

Sections

.udefev Size: 20KB - Virtual size: 40KB

.xajop Size: 8KB - Virtual size: 10KB

.zwjgr Size: 4KB - Virtual size: 1KB

.obihkv Size: 28KB - Virtual size: 132KB

.udefev
Size: 20KB - Virtual size: 40KB

.xajop
Size: 8KB - Virtual size: 10KB

.zwjgr
Size: 4KB - Virtual size: 1KB

.obihkv
Size: 28KB - Virtual size: 132KB