0c49742e5b8cf2b5743a738f98a0b584

Sharing

Copy URL

Twitter E-mail

General

Target

0c49742e5b8cf2b5743a738f98a0b584
Size

495KB
MD5

0c49742e5b8cf2b5743a738f98a0b584
SHA1

9a5bb33ded03a81aa503ce8799adf5d253123966
SHA256

6ba414a55935e5b857b18f6e06b644ebf8d3faecba51a03a8e08c2fcb6ce45d7
SHA512

9711b4fb757b9f89c55c5d5561b5df809035b9d60c08dbbfd1311f9b5e7d0970572d2755fa3711e90743f3949ccd65ac46e53b6668b058187d1e8d21a0c9253e
SSDEEP

12288:PFV+iCXC2NHU78atxa0F+xbzN/Hh6Dh/UE:POCUHU71ja0SNc5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c49742e5b8cf2b5743a738f98a0b584

Files

0c49742e5b8cf2b5743a738f98a0b584
.exe windows:4 windows x86 arch:x86

81f4e99398e577efb3bfc6ebdcae219f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetFileAttributesW
CloseHandle
UnhandledExceptionFilter
FlushFileBuffers
GetTimeFormatA
SetStdHandle
SetCurrentDirectoryA
GetDateFormatA
FoldStringW
LocalFree
ExitProcess
DeleteCriticalSection
GetTickCount
GetStartupInfoA
GetStringTypeW
OpenMutexA
GetUserDefaultLCID
GetLastError
GetOEMCP
IsValidCodePage
GetModuleHandleW
VirtualProtect
EnterCriticalSection
GetSystemTimeAsFileTime
SetFilePointer
GetCurrentThreadId
VirtualQuery
TlsGetValue
SetLastError
QueryPerformanceCounter
HeapSize
CompareStringW
CompareStringA
GetStringTypeA
VirtualFree
VirtualProtectEx
GetEnvironmentStringsW
GetFileType
SetHandleCount
GetVersionExA
FreeEnvironmentStringsA
RtlUnwind
TlsSetValue
VirtualAlloc
CreateMutexA
WriteFile
TlsFree
GetEnvironmentStrings
GetModuleFileNameA
WriteConsoleOutputW
TerminateProcess
HeapFree
GetProcAddress
GetCurrentProcessId
EnumSystemLocalesA
GetModuleHandleA
HeapReAlloc
HeapCreate
SetEnvironmentVariableA
GetFileAttributesExA
LCMapStringA
IsValidLocale
WideCharToMultiByte
GlobalFree
TlsAlloc
GetLocaleInfoW
IsBadWritePtr
GetCommandLineA
GetTimeZoneInformation
GetCurrencyFormatW
InitializeCriticalSection
GetStdHandle
HeapDestroy
LeaveCriticalSection
InterlockedExchange
MultiByteToWideChar
GetSystemInfo
ReadFile
LCMapStringW
GetLocaleInfoA
HeapAlloc
LoadLibraryA
CommConfigDialogA
GetCurrentProcess
GetCurrentThread
GetCPInfo
GetACP

comdlg32

ReplaceTextA

comctl32

InitCommonControlsEx

user32

CheckMenuItem
RegisterClassA
RegisterClassExA
EnumPropsA
LoadCursorFromFileA
ReuseDDElParam
UnloadKeyboardLayout
MessageBoxIndirectA

Sections

.text
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81f4e99398e577efb3bfc6ebdcae219f

Headers

File Characteristics

Imports

kernel32

comdlg32

comctl32

user32

Sections

.text Size: 170KB - Virtual size: 169KB

.rdata Size: 7KB - Virtual size: 12KB

.data Size: 309KB - Virtual size: 309KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 170KB - Virtual size: 169KB

.rdata
Size: 7KB - Virtual size: 12KB

.data
Size: 309KB - Virtual size: 309KB

.rsrc
Size: 7KB - Virtual size: 6KB