0eb86b9f45b56bbeb6eb402b23244d87

Sharing

Copy URL Twitter E-mail

General

Target

0eb86b9f45b56bbeb6eb402b23244d87
Size

135KB
MD5

0eb86b9f45b56bbeb6eb402b23244d87
SHA1

fac5448d68d11ef32d2ca54c2f825a60a7aa6c22
SHA256

4a7ab14324edd2e94facb2f054cb9a7bff11098cea43b70cfea9ded000ef99d8
SHA512

bef2f2e53508f254105b4bfa99ecb18f0662f802c724c84834a3357e4c7df7c113d83a9a9aeae6e95acddb9cce89d52e4fb0cc5ba52a85f3e366b8bbc8f749d7
SSDEEP

3072:XNVGfiG3fcmQL0HiJW8FGNJyBwqlhuqmUR:XzG6GTQL0CUNABwghuq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0eb86b9f45b56bbeb6eb402b23244d87

Files

0eb86b9f45b56bbeb6eb402b23244d87
.exe windows:4 windows x86 arch:x86

f44431701d78de407f9917f8991fcf07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
FindClose
MoveFileExA
GetOEMCP
LoadResource
lstrcatA
InitializeCriticalSection
GetCommandLineW
DeleteCriticalSection
HeapAlloc
GetThreadLocale
VirtualAllocEx
ExitThread
ExitProcess
GetCurrentProcessId
GetDateFormatA
FreeLibrary
GetSystemDefaultLangID
HeapDestroy
MulDiv
GetModuleHandleA
LoadLibraryA
SetThreadLocale
GetProcAddress

version

VerInstallFileA
VerQueryValueA
GetFileVersionInfoA

user32

IsCharUpperA
GetCapture
DefMDIChildProcA
EndPaint
CloseClipboard
GetActiveWindow
SetWindowLongA
GetClientRect
SystemParametersInfoA
GetSysColor
GetSystemMetrics
CreateMenu
GetClassInfoA
EnableMenuItem
DestroyIcon
CheckMenuItem
GetClassNameA
CallNextHookEx
DestroyWindow
GetMenu
LoadIconA
FindWindowA
SetWindowPos
EndDialog
EnumWindows
GetWindow
GetWindowThreadProcessId
GetKeyboardLayoutNameA
ScreenToClient
DrawMenuBar
GetClassLongA
ReleaseDC
CharUpperA
GetParent
SetActiveWindow
RemovePropA
SetScrollInfo
GetPropA
DrawTextA
LoadKeyboardLayoutA
DestroyMenu
GetWindowLongW
InsertMenuA
CreatePopupMenu
SetCapture
PtInRect
InsertMenuItemA
GetLastActivePopup
IntersectRect
DestroyCursor
EnumChildWindows
SetScrollPos
BeginPaint
MapVirtualKeyA
IsDialogMessageA
KillTimer
MessageBoxA
SendMessageA
GetCursor
TranslateMDISysAccel
GetDesktopWindow
GetForegroundWindow

gdi32

SelectPalette
GetBkColor

Exports

Exports

0s5iW
cSzaka79CV@24
q4h9a

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ffdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f44431701d78de407f9917f8991fcf07

Headers

File Characteristics

Imports

kernel32

version

user32

gdi32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 10KB - Virtual size: 117KB

.ffdata Size: 98KB - Virtual size: 97KB

.data Size: 5KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 112B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 10KB - Virtual size: 117KB

.ffdata
Size: 98KB - Virtual size: 97KB

.data
Size: 5KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 112B

.rsrc
Size: 8KB - Virtual size: 8KB