0eb0bd558486f50fae3bb0ab55f777f3

General

Target

0eb0bd558486f50fae3bb0ab55f777f3
Size

80KB
MD5

0eb0bd558486f50fae3bb0ab55f777f3
SHA1

2150210d2f237570e5b31655c8c2c0a2076119c3
SHA256

22e2d4a430bff9e4bdab6a63bdc0847a2e17b0d18eb0ea7e5bfc4a1fa9f1b655
SHA512

a1acc0ea9ba3b36804fd86a0c59caa048f3eba3a7d0ff2a3de5ebab8eaead9c5a914c64e8619287fcf9ad8a9d4800674f126b9f3bd431a04303c0643c6e31b84
SSDEEP

1536:Ng2g95FOypUO+MHgg7oeWV/BQOE9NzP94p:qnj7oeWV/yb9RCp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0eb0bd558486f50fae3bb0ab55f777f3

Files

0eb0bd558486f50fae3bb0ab55f777f3
.exe windows:4 windows x86 arch:x86

ce4bd45a135dd1583a8d951f11ece4a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

PeekMessageA
MessageBoxA
wsprintfA
PostMessageA
TranslateMessage
DispatchMessageA
RegisterClassA
DestroyWindow
DefWindowProcA
CreateWindowExA

shell32

ShellExecuteExA

kernel32

GetVersionExA
VirtualFree
HeapDestroy
HeapCreate
GetStringTypeW
GetStringTypeA
FlushFileBuffers
LCMapStringA
SetStdHandle
LCMapStringW
GetProcAddress
GetCPInfo
SetLastError
CloseHandle
GetLastError
CreateProcessA
GetModuleFileNameA
GetWindowsDirectoryA
Sleep
MultiByteToWideChar
lstrlenA
HeapFree
HeapAlloc
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetEnvironmentVariableA
FreeEnvironmentStringsW
GetOEMCP
LoadLibraryA
GetACP
VirtualAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetStdHandle
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
RtlUnwind
WriteFile
SetFilePointer

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce4bd45a135dd1583a8d951f11ece4a0

Headers

File Characteristics

Imports

advapi32

user32

shell32

kernel32

ole32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 28KB - Virtual size: 24KB