0e7dedecf01c213cd8d0146bc1972346

Sharing

Copy URL Twitter E-mail

General

Target

0e7dedecf01c213cd8d0146bc1972346
Size

281KB
MD5

0e7dedecf01c213cd8d0146bc1972346
SHA1

d7d398925958f7e136d274be8152de64d52c882d
SHA256

bff855851a92fae8dbfc9c80701f2ca060307ec23a056d31a4cf12408064e9d5
SHA512

c6a9cd0e2f3ed88a90986a1ac40b7253395d3f5915bbb3ccecf1e287caab8f6a1e637bf78c1915c211043335099e6cde9620012cf4c8d399948cea6fe6286315
SSDEEP

6144:CSlYjhH8sfYX8KJZLFLfM94BGJc97dVmIdWSwd2AsujS:CYYjhH8sfYM8FTo4BVrdwgAs+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e7dedecf01c213cd8d0146bc1972346

Files

0e7dedecf01c213cd8d0146bc1972346
.exe windows:4 windows x86 arch:x86

741949028e1613813f9cb27bef02f553

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
GetOpenFileNameW
GetSaveFileNameW

advapi32

LookupPrivilegeDisplayNameA
RegEnumKeyExW
CryptDuplicateHash
RegConnectRegistryA
RegEnumKeyW
RegSetValueExA
RegEnumKeyExA
RegCreateKeyA
RegEnumValueA
CreateServiceA
CryptAcquireContextA
GetUserNameA
AbortSystemShutdownW
RegSetValueW
RegRestoreKeyA
RegOpenKeyExA
RegDeleteValueA
CryptAcquireContextW
AbortSystemShutdownA
CryptSetProviderExW
DuplicateToken
CryptCreateHash
RegEnumValueW
CryptVerifySignatureA
LookupPrivilegeNameW

kernel32

SetLastError
TlsFree
SetConsoleActiveScreenBuffer
GetStdHandle
GetEnvironmentStringsW
lstrcmp
GetFileType
TlsAlloc
SetConsoleCtrlHandler
GetStringTypeW
RtlUnwind
GetProcAddress
GetModuleHandleW
GetProfileSectionW
VirtualAlloc
FreeLibraryAndExitThread
GetThreadPriority
GetTimeZoneInformation
GetFileAttributesExW
MoveFileExA
InterlockedIncrement
GetCurrentThreadId
MultiByteToWideChar
GetLocaleInfoA
HeapCreate
TerminateProcess
InterlockedExchange
GetConsoleScreenBufferInfo
CompareStringW
ExitProcess
HeapFree
GetCurrentProcess
VirtualQuery
SetStdHandle
GetACP
LoadLibraryA
GetModuleHandleA
HeapDestroy
GetFullPathNameA
GetModuleFileNameW
GetTimeFormatA
DeleteCriticalSection
UnhandledExceptionFilter
GetOEMCP
GetCurrentProcessId
HeapAlloc
SetUnhandledExceptionFilter
HeapReAlloc
GetCurrentThread
IsValidLocale
lstrcat
CompareStringA
LCMapStringA
Sleep
TlsSetValue
GetCPInfo
GetCommandLineW
EnumSystemLocalesA
LCMapStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetPrivateProfileSectionW
WritePrivateProfileStructW
FreeEnvironmentStringsW
WriteFileEx
ReadConsoleOutputA
LeaveCriticalSection
TlsGetValue
EnumDateFormatsW
InitializeCriticalSectionAndSpinCount
HeapSize
InterlockedDecrement
GetNamedPipeHandleStateW
GetTickCount
QueryPerformanceCounter
WideCharToMultiByte
EnterCriticalSection
GetSystemTimeAsFileTime
EnumCalendarInfoW
IsValidCodePage
VirtualFree
GetStartupInfoW
GetStringTypeA
GetStartupInfoA
GetUserDefaultLCID
GetDateFormatA
IsDebuggerPresent
lstrcmpA
GetModuleFileNameA
GetSystemDirectoryA
SetHandleCount
FreeLibrary
WriteFile
GetLastError

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

741949028e1613813f9cb27bef02f553

Headers

File Characteristics

Imports

comdlg32

advapi32

kernel32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 9KB - Virtual size: 36KB

.data Size: 138KB - Virtual size: 137KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 9KB - Virtual size: 36KB

.data
Size: 138KB - Virtual size: 137KB

.rsrc
Size: 17KB - Virtual size: 16KB