0c59eb12417cc13152df972b5740c42d

General

Target

0c59eb12417cc13152df972b5740c42d
Size

40KB
MD5

0c59eb12417cc13152df972b5740c42d
SHA1

271a9c202f5d5883f3ba28ae1b0de9928101cd85
SHA256

93e63f949dd11aa1022d1802bedfb9134ceb84c78034477375d4c725c88c8082
SHA512

78d68590f9cd7d96ea42a2f2f9d31e77a3d965df438f9c4212ea0eccaefc7dae8cec6936323b8fff6aed56644324a20ced6592160e8d8375da9d4e6d05d790af
SSDEEP

768:0bqDhnr1/wztyLB0+A1xKQ3OL04xOzkmA+I2Fl:0bsOtyLKbN4ZT2Fl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c59eb12417cc13152df972b5740c42d

Files

0c59eb12417cc13152df972b5740c42d
.dll windows:4 windows x86 arch:x86

366f360b5ab389ea0102b835f6e8d449

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ReadFile
CreateFileA
GetModuleFileNameA
GetLastError
CreateMutexA
GetCurrentProcessId
GetPrivateProfileStringA
ReadProcessMemory
SetUnhandledExceptionFilter
SetThreadContext
OpenThread
WideCharToMultiByte
MultiByteToWideChar
VirtualAlloc
ExitProcess
GetCurrentThreadId
Sleep
WriteFile
DeleteFileA
InitializeCriticalSection
VirtualProtectEx
VirtualProtect
LeaveCriticalSection
EnterCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetCommandLineA
IsBadReadPtr
TerminateThread
CreateThread
GetModuleHandleA
LoadLibraryA
GetCurrentProcess
GetProcAddress

user32

CallNextHookEx
GetWindowThreadProcessId
GetWindowTextA

msvcrt

wcslen
_stricmp
_strupr
_strlwr
_strcmpi
fopen
sprintf
??2@YAPAXI@Z
memcpy
strrchr
memset
strcat
strcpy
strlen
??3@YAXPAX@Z
strncpy
strchr
strstr
strcmp
__CxxFrameHandler
fclose
fread

Exports

Exports

ggg
hhh

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

axdw
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

366f360b5ab389ea0102b835f6e8d449

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 13KB

axdw Size: 4KB - Virtual size: 4B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 13KB

axdw
Size: 4KB - Virtual size: 4B

.reloc
Size: 4KB - Virtual size: 2KB