0c556b45b9b3ff3c6c8dd43630e321dc

Sharing

Copy URL Twitter E-mail

General

Target

0c556b45b9b3ff3c6c8dd43630e321dc
Size

24KB
MD5

0c556b45b9b3ff3c6c8dd43630e321dc
SHA1

49aa8f59f93e7f39d5c75f9839d8f3d458b4a73c
SHA256

2c67d2b9c04af23ebdf0ac640eb74b7c3be515f528269429b8950e17903526e8
SHA512

936941e9b4321bd97fde58d57472d86f995da8b83764e5fe97d6cb0c025a8847188bebdb9d668b88b834c4652740cb7b1187adc350f7387aa9a1c1bd2c578814
SSDEEP

384:HYw+UvqAtvrhUt1lKYz6/+qTIWZtXizO7ymnawgFgP0VS8s2bLLycWl6s:4wHhWT+TTIW3r7ymahFgP0dWNl6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c556b45b9b3ff3c6c8dd43630e321dc

Files

0c556b45b9b3ff3c6c8dd43630e321dc
.exe windows:4 windows x86 arch:x86

cc9242055ef8ea11a13d47ffd3ae88a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnlockFileEx
lstrcmpA
VirtualAlloc
GetStartupInfoW
OpenSemaphoreW
ExitThread
SetConsoleTextAttribute
GetDateFormatA
ExitProcess
GlobalUnfix
GetCommModemStatus
Heap32ListNext
GetNamedPipeInfo
lstrlenA
GetModuleHandleA
GetSystemTime
GetCPInfoExW
IsSystemResumeAutomatic
lstrcmpiW
HeapValidate
OpenFileMappingA
lstrcmpiA
lstrlenW
GetConsoleScreenBufferInfo
VirtualFree
OpenSemaphoreA
GetLocalTime
CreateToolhelp32Snapshot
EnumCalendarInfoA
VirtualQuery
lstrcmpW
ReadConsoleOutputW
HeapCreate
Sleep
GetModuleHandleW

advapi32

RegCreateKeyExW
GetAuditedPermissionsFromAclA
RegOpenKeyW
CreatePrivateObjectSecurity
SetEntriesInAccessListW
SetEntriesInAclW
RegQueryValueExW
CryptDecrypt
GetUserNameW
InitializeSid
GetUserNameA
RegOpenKeyA
LockServiceDatabase

shell32

Shell_NotifyIconA

msvcrt

_acmdln
_wcsrev
cosh
_wenviron
_unloaddll
_wgetdcwd
_wstrdate
strtok
_open_osfhandle
_mbsstr
sin
_clearfp

gdi32

CreateDCA
CreateRoundRectRgn
SetDIBits
SetBkMode
GetGlyphOutlineA

user32

CharLowerBuffA
GetCursorInfo
MapVirtualKeyExA
GetClassInfoA
GetKeyNameTextA
SetClassLongA
LoadMenuW
DispatchMessageW
ToUnicode
GetMenuStringW
IMPSetIMEW
OpenWindowStationA
LoadBitmapA
DdeQueryStringW
SetRectEmpty
SetDebugErrorLevel
CreateWindowStationA
AppendMenuW
EnumPropsExW
UnloadKeyboardLayout
UnionRect
GetDialogBaseUnits
ScrollWindowEx
GetFocus
ExitWindowsEx

Sections

.text
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zcwx
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pvj
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ivr
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc9242055ef8ea11a13d47ffd3ae88a7

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

msvcrt

gdi32

user32

Sections

.text Size: 5KB - Virtual size: 6KB

.zcwx Size: 9KB - Virtual size: 20KB

.pvj Size: 6KB - Virtual size: 16KB

.ivr Size: 2KB - Virtual size: 11KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 6KB

.zcwx
Size: 9KB - Virtual size: 20KB

.pvj
Size: 6KB - Virtual size: 16KB

.ivr
Size: 2KB - Virtual size: 11KB

.reloc
Size: 1024B - Virtual size: 1KB