0e6d639d9fb6cad9c81d4d5a02d74832

Sharing

Copy URL Twitter E-mail

General

Target

0e6d639d9fb6cad9c81d4d5a02d74832
Size

194KB
MD5

0e6d639d9fb6cad9c81d4d5a02d74832
SHA1

3250bfd7f6e12d2c96c72d23715e9bc57562f586
SHA256

e3097a4b8f2c63a4d9cac6ae02eca95cb04130725a7b4dfb0254f85575b89e87
SHA512

89dd08c3e839c17d289a432f5f05d490845215cfc8660a0df161dd90ae84147c50ca54f3d9cc59dad950cdccae654122ecbe12e90556b25b734643b1375dc729
SSDEEP

6144:5dTfmyg1okdrxNYviXgelG9CEenL7yg/kej:zTfWTvDLz//j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e6d639d9fb6cad9c81d4d5a02d74832

Files

0e6d639d9fb6cad9c81d4d5a02d74832
.exe windows:4 windows x86 arch:x86

a9dd963a2fdb3bcc49e90ac162fab753

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

PlgBlt
CreatePen
RoundRect
GetBitmapBits
CreateFontIndirectA
FlattenPath
AnimatePalette
GetPath
SetTextColor
PolyBezier
StrokePath
ExtCreatePen
GetBkColor
SetStretchBltMode
SetDIBits

shlwapi

PathIsRootW
PathIsURLW
PathStripToRootW
PathCanonicalizeW
PathIsRelativeW
PathCombineW

kernel32

UnlockFile
SearchPathW
FindResourceExA
CreateFiberEx
GetProfileStringW
GetVersionExW
SetCommConfig
CompareStringW
GetFileType
GetVolumeInformationW
GetSystemTime
EnumResourceNamesW
GetFileTime
GetUserDefaultLangID
LockFile
FlushFileBuffers
SetEndOfFile
FlushFileBuffers
FileTimeToSystemTime
IsDBCSLeadByte
VerLanguageNameW
FileTimeToLocalFileTime
LocalAlloc
GetFileAttributesA
GetSystemDirectoryW

comdlg32

GetFileTitleA

ole32

RevokeDragDrop
OleRegGetUserType
CoCreateGuid
CoTaskMemAlloc
CoGetMalloc
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
OleDuplicateData
StgCreateDocfileOnILockBytes
GetHGlobalFromStream
CoTaskMemFree
OleGetAutoConvert
StringFromCLSID
RegisterDragDrop
ReleaseStgMedium
OleRun
CoFreeUnusedLibraries
ProgIDFromCLSID
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CreateILockBytesOnHGlobal

user32

ChildWindowFromPoint
EmptyClipboard
RegisterClassW
CallNextHookEx
UnhookWindowsHookEx
ClipCursor
DrawEdge
IsClipboardFormatAvailable
SetWindowPos
SetScrollRange
DefWindowProcW
WinHelpW
SetWindowsHookExW
SetClipboardData
GetSysColorBrush
ToAscii
DestroyIcon
MonitorFromWindow
DestroyCursor
GetSysColor

rpcrt4

RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrClientCall
RpcBindingSetAuthInfoA
RpcStringFreeA

comctl32

ImageList_DrawEx
ImageList_GetIconSize
ImageList_Create
ImageList_Add
ImageList_Destroy

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9dd963a2fdb3bcc49e90ac162fab753

Headers

File Characteristics

Imports

gdi32

shlwapi

kernel32

comdlg32

ole32

user32

rpcrt4

comctl32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 25KB

.lib Size: 512B - Virtual size: 356KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 25KB

.lib
Size: 512B - Virtual size: 356KB