0cc87b8f520259f6e604ed117812db18

Sharing

Copy URL Twitter E-mail

General

Target

0cc87b8f520259f6e604ed117812db18
Size

64KB
MD5

0cc87b8f520259f6e604ed117812db18
SHA1

2a56d1a55ef41b84f623b338acaff9a52d95b48e
SHA256

d2e1f27d31c99a10a7e69df44d7efddc7c4388cb313a36731b722246913dca6d
SHA512

10a250a5e2ea04019469c9d4e7c78929f7326b5406c38a526cb9be644bb4c728daebbac0221594f3f683db8488a5ae216ee0f25ff7277d8f62131806b0c4e058
SSDEEP

768:Ex7DZTIBZMGfdOJaTbKeRDWx5tMgH9+F8esQ:ExxTgZTbd1+52gqJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cc87b8f520259f6e604ed117812db18

Files

0cc87b8f520259f6e604ed117812db18
.exe windows:5 windows x86 arch:x86

302eafe0cd04e021048e0e43f90954ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
FindFirstFileA
FindClose
FindFirstFileW
lstrcmpW
GetCurrentProcessId
GetProcAddress
GetCommandLineA
MulDiv
LocalSize
GetFullPathNameW
GetLastError
WriteFile
GetStartupInfoA
GetProcessHeap
FoldStringW
VirtualAlloc

advapi32

RegOpenKeyA
RegOpenKeyW

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

302eafe0cd04e021048e0e43f90954ba

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 512B - Virtual size: 216B

.ati1 Size: 4KB - Virtual size: 3KB

.ati5 Size: 4KB - Virtual size: 3KB

.ati2 Size: 4KB - Virtual size: 3KB

.ati3 Size: 4KB - Virtual size: 3KB

.ati4 Size: 4KB - Virtual size: 3KB

.ati6 Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 502B

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 512B - Virtual size: 216B

.ati1
Size: 4KB - Virtual size: 3KB

.ati5
Size: 4KB - Virtual size: 3KB

.ati2
Size: 4KB - Virtual size: 3KB

.ati3
Size: 4KB - Virtual size: 3KB

.ati4
Size: 4KB - Virtual size: 3KB

.ati6
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 502B