0cdc71b57bf91ed6b793302766500ac7

Sharing

Copy URL Twitter E-mail

General

Target

0cdc71b57bf91ed6b793302766500ac7
Size

560KB
MD5

0cdc71b57bf91ed6b793302766500ac7
SHA1

d50479bfe6e83b109331c31569f558eda03f1e4e
SHA256

589ee75987539aaacb7faf3395168a7b8b5ae3cc69c4067dc4b40e64fafbefc3
SHA512

0a2bde0916a89b0817056978023c60e05a22c3e963e991ed17271538172124e332b1e36dc255188241131c7d4054204020bd8707d4f96c79aacdd1c6578bf4ff
SSDEEP

12288:fYfMn+TOK+EtZKo+oJsjb4DWWbPuA7qVOLBor7cWDltwOJKnxeM:fIMn4n+EtZT+ogI52HULsAWTKn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cdc71b57bf91ed6b793302766500ac7

Files

0cdc71b57bf91ed6b793302766500ac7
.exe windows:4 windows x86 arch:x86

43ebcba4d0d5d710e8c915029543561d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragFinish
RealShellExecuteW

comdlg32

LoadAlterBitmap

comctl32

ImageList_DragEnter
ImageList_LoadImage
InitCommonControlsEx

kernel32

GetVersion
HeapAlloc
TransmitCommChar
WriteConsoleA
RtlUnwind
WriteFile
OpenFile
TlsAlloc
ExpandEnvironmentStringsA
FindClose
ExitThread
InterlockedIncrement
GetExitCodeThread
WaitForMultipleObjectsEx
WaitForMultipleObjects
LocalUnlock
SetEnvironmentVariableA
ReadFile
GetCPInfo
InterlockedExchange
CreateMutexA
GetCurrentThread
GetLocalTime
SetFilePointer
GetConsoleCursorInfo
LockFileEx
HeapFree
CreateWaitableTimerW
SuspendThread
GetNumberFormatW
UnhandledExceptionFilter
GetModuleFileNameA
GetCurrentProcessId
InitializeCriticalSection
GetModuleHandleA
ReadConsoleOutputCharacterW
OpenProcess
GetSystemTimeAsFileTime
EnumDateFormatsExA
EnumDateFormatsW
TerminateProcess
GetCurrentThreadId
GetStartupInfoA
HeapCreate
LoadLibraryA
SetConsoleTitleA
PulseEvent
GetNamedPipeHandleStateW
WritePrivateProfileStringA
GetLongPathNameA
InterlockedDecrement
GetStringTypeW
GetFileAttributesA
OpenMutexA
GetCurrentProcess
SetLastError
WaitNamedPipeW
MoveFileExW
LCMapStringA
IsValidCodePage
FreeEnvironmentStringsW
GetACP
TlsSetValue
EnterCriticalSection
GetProcAddress
GetStringTypeA
SetHandleCount
CloseHandle
GetTimeZoneInformation
FillConsoleOutputAttribute
FreeEnvironmentStringsA
VirtualFree
GetOEMCP
GetLastError
QueryPerformanceCounter
GetCommandLineA
SetStdHandle
MultiByteToWideChar
ReadConsoleW
GetEnvironmentStrings
WideCharToMultiByte
lstrlenA
HeapDestroy
VirtualAlloc
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
TlsFree
GetPrivateProfileSectionNamesW
GetDiskFreeSpaceExA
LCMapStringW
WriteConsoleOutputW
IsBadWritePtr
FoldStringW
HeapReAlloc
FlushFileBuffers
GetEnvironmentStringsW
MapViewOfFileEx
TlsGetValue
GetConsoleMode
GetSystemTime
CommConfigDialogA
GetTickCount
SetConsoleTextAttribute
DeleteCriticalSection
ReadConsoleInputW
GetThreadPriority
ExitProcess
ReadFileEx
CompareStringA
GetFileType
FindResourceW
GetCurrencyFormatA
GetWindowsDirectoryA
CompareStringW
LocalSize
GetStdHandle
VirtualQuery
FindResourceA

user32

CloseDesktop
OpenDesktopA
CloseWindowStation
IntersectRect
ShowWindow
MessageBoxW
DestroyMenu
GetSystemMetrics
EditWndProc
EnumPropsExA
RegisterClassExA
DestroyWindow
MessageBeep
DrawEdge
MessageBoxA
RegisterClassA
CharToOemW
CreateWindowExW
SendInput
OemToCharA
OpenInputDesktop
DefWindowProcW

wininet

InternetCheckConnectionA
CreateUrlCacheGroup
InternetGetConnectedStateExW
InternetTimeToSystemTime
FtpFindFirstFileW
FindNextUrlCacheEntryA
FindCloseUrlCache

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43ebcba4d0d5d710e8c915029543561d

Headers

File Characteristics

Imports

shell32

comdlg32

comctl32

kernel32

user32

wininet

Sections

.text Size: 172KB - Virtual size: 170KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 116KB - Virtual size: 142KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 172KB - Virtual size: 170KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 116KB - Virtual size: 142KB

.rsrc
Size: 16KB - Virtual size: 13KB