0cc60d6b19e152b49a14d5b4defdcd77

Sharing

Copy URL Twitter E-mail

General

Target

0cc60d6b19e152b49a14d5b4defdcd77
Size

437KB
MD5

0cc60d6b19e152b49a14d5b4defdcd77
SHA1

d9781d1552d065a5a4266cf272e1b55cea771431
SHA256

49ab1b89ab3b358f3de3cf6213eeb91c3484a9dda504adab334dccacc17b13cb
SHA512

7b8f481f7d75a6c825423bdf2370419854169b6a6b47a09cd8cd237862165f221e3a20cd801041621e01552550c611d6822d429079faa3d7637f625bfcd69910
SSDEEP

12288:QZqy57AhCC3pDo/9oUgA9jw8hBLHAUDth:yWhLZDoqK90kpP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cc60d6b19e152b49a14d5b4defdcd77

Files

0cc60d6b19e152b49a14d5b4defdcd77
.exe windows:4 windows x86 arch:x86

6816bb06dd60eb5f3f8fa7b133491f1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
GetOEMCP
GetProfileStringA
SetConsoleCtrlHandler
GetEnvironmentStringsW
GetVersionExA
HeapAlloc
VirtualFree
SetHandleCount
IsDebuggerPresent
TlsAlloc
GlobalAlloc
WaitForSingleObjectEx
DeleteCriticalSection
MultiByteToWideChar
SetEnvironmentVariableA
FormatMessageW
GetLocaleInfoA
GetLocaleInfoW
ExpandEnvironmentStringsA
LCMapStringW
FreeEnvironmentStringsW
GetModuleHandleW
FreeLibrary
SetUnhandledExceptionFilter
GetStringTypeA
Sleep
GetLastError
GetProcAddress
CompareStringW
GetFileType
TlsSetValue
OpenWaitableTimerW
FreeEnvironmentStringsA
lstrcmpW
GetStringTypeW
VirtualQuery
InterlockedIncrement
TlsGetValue
IsValidLocale
CompareStringA
GetTimeZoneInformation
SetLastError
GetEnvironmentStrings
HeapReAlloc
InterlockedDecrement
ExitProcess
GetTimeFormatW
SystemTimeToFileTime
VirtualAlloc
UnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcess
HeapDestroy
GetModuleHandleA
GetCommandLineA
GetUserDefaultLCID
HeapCreate
GetCurrentThreadId
LCMapStringA
WriteFile
EnumSystemLocalesA
GetCurrentThread
GetCurrentProcessId
GetModuleFileNameA
HeapSize
EnterCriticalSection
DeleteFileW
GetTickCount
GetStdHandle
SetThreadLocale
GetCPInfo
LeaveCriticalSection
IsValidCodePage
RtlUnwind
GetACP
GetSystemTimeAsFileTime
InterlockedExchange
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
GetCurrentDirectoryW
GetDateFormatA
WideCharToMultiByte
GetStartupInfoA
GetTimeFormatA
HeapFree
TerminateProcess
LoadLibraryA
GetEnvironmentStringsA
TlsFree

gdi32

OffsetWindowOrgEx
IntersectClipRect
StrokePath
GetCharacterPlacementW
SelectClipRgn
CreateEllipticRgn
EnumICMProfilesW
GetRegionData
GetOutlineTextMetricsA

shell32

SHEmptyRecycleBinW
ShellExecuteA

user32

DdeAddData
AttachThreadInput
GetGuiResources
TabbedTextOutW
GetProcessWindowStation
IsCharAlphaNumericA
GetTabbedTextExtentA
GetKeyboardLayoutNameA
GetWindowTextLengthA
SetWindowsHookExA
FindWindowW
IsCharAlphaNumericW
AppendMenuA
GetSystemMetrics
PtInRect
GetCursor
MsgWaitForMultipleObjectsEx
SendNotifyMessageW
WindowFromDC
SetParent
RemovePropA
SetWindowContextHelpId

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6816bb06dd60eb5f3f8fa7b133491f1c

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

user32

Sections

.text Size: 149KB - Virtual size: 149KB

.data Size: 280KB - Virtual size: 309KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 149KB - Virtual size: 149KB

.data
Size: 280KB - Virtual size: 309KB

.rsrc
Size: 6KB - Virtual size: 5KB