0eb5c0a310b176502dbc79950b71d366

Sharing

Copy URL

Twitter E-mail

General

Target

0eb5c0a310b176502dbc79950b71d366
Size

412KB
MD5

0eb5c0a310b176502dbc79950b71d366
SHA1

11729e92b93a7b85d4cfedb5727d01a39e450dad
SHA256

62523febb2e8649f5b957d67dfe9cb16a8e6e898034acef783c89e6bc1c21308
SHA512

decaaf61c5e0cbd4052fb7590b7eddc1d5fc2a512b468ec9e49bf95b62db3239a2678fab6b55bd516e07585c7c177f8dbc2d79a39a9bde14bf42ab6030e922a8
SSDEEP

6144:NNGYeA410RlvFFRtLSoV3Qjlmh4WAbDFDxmnlkBFMesw2aOATo16feT8:NNG9yRlbRtLSo5QxmN/lk/MeswClN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0eb5c0a310b176502dbc79950b71d366

Files

0eb5c0a310b176502dbc79950b71d366
.exe windows:5 windows x86 arch:x86

9f32638d1d75aaf106ea69803104e338

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord2388
ord3341
ord5296
ord5298
ord2717
ord4074
ord4692
ord5303
ord5285
ord5710
ord2977
ord3142
ord3254
ord4459
ord3131
ord3257
ord2980
ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4616
ord4418
ord3733
ord561
ord815
ord6466
ord641
ord942
ord940
ord537
ord818
ord2455
ord2506
ord1644
ord567
ord2809
ord1165
ord3133
ord2078
ord2567
ord6051
ord4073
ord1768
ord4390
ord5237
ord2377
ord5157
ord6370
ord4347
ord5286
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord5193
ord4621
ord3569
ord609
ord1143
ord2574
ord4396
ord3365
ord3635
ord693
ord543
ord3696
ord500
ord2634
ord2294
ord4229
ord860
ord6195
ord858
ord4155
ord3087
ord4219
ord6193
ord6211
ord4847
ord5261
ord4370
ord4992
ord6048
ord1767
ord4401
ord5276
ord4419
ord3592
ord324
ord4704
ord2859
ord3605
ord656
ord4270
ord6451
ord2400
ord6278
ord2857
ord384
ord686
ord2445
ord2088
ord5977
ord6896
ord6238
ord3281
ord600
ord1240
ord1173
ord1571
ord1250
ord1248
ord1563
ord1194
ord342
ord1179
ord1570
ord1568
ord1115
ord269
ord826
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord2910
ord5568
ord1105
ord2606
ord823
ord772
ord540
ord861
ord800
ord825
ord803
ord5856
ord3579
ord3397
ord6138

msvcrt

_except_handler3
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_CxxThrowException
wcscmp
wcslen
__CxxFrameHandler

winscard

SCardListCardsA
SCardDisconnect
SCardLocateCardsW
SCardListReadersA
SCardLocateCardsA
SCardGetStatusChangeA
SCardConnectW
SCardConnectA
SCardEstablishContext
SCardCancel
SCardReleaseContext
SCardGetStatusChangeW
SCardListCardsW
SCardListReadersW
SCardFreeMemory

user32

GetWindowRect
GetParent
WinHelpW
LoadIconW
EnableWindow
SetWindowContextHelpId
SendMessageW
SetForegroundWindow
ScreenToClient
PostMessageW

kernel32

ResumeThread
EnterCriticalSection
LeaveCriticalSection
lstrlenW
WaitForSingleObject
GetLastError
WideCharToMultiByte
MultiByteToWideChar
DisableThreadLibraryCalls
lstrlenA
InitializeCriticalSection
LocalFree
LocalAlloc
GetACP
DeleteCriticalSection

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 534B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f32638d1d75aaf106ea69803104e338

Headers

DLL Characteristics

File Characteristics

Imports

mfc42u

msvcrt

winscard

user32

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 96KB - Virtual size: 96KB

.data Size: 93KB - Virtual size: 93KB

.xdata Size: 93KB - Virtual size: 93KB

.tls Size: 93KB - Virtual size: 93KB

.pdata Size: 512B - Virtual size: 274B

.CRT Size: 512B - Virtual size: 12B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 1024B - Virtual size: 534B

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 96KB - Virtual size: 96KB

.data
Size: 93KB - Virtual size: 93KB

.xdata
Size: 93KB - Virtual size: 93KB

.tls
Size: 93KB - Virtual size: 93KB

.pdata
Size: 512B - Virtual size: 274B

.CRT
Size: 512B - Virtual size: 12B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 1024B - Virtual size: 534B