0d64b0b3dde7e36e5eba175718e39336

Sharing

Copy URL

Twitter E-mail

General

Target

0d64b0b3dde7e36e5eba175718e39336
Size

163KB
MD5

0d64b0b3dde7e36e5eba175718e39336
SHA1

94d4b1757e8389ca2dff351926402b551ff77ae8
SHA256

cdabc97117d4d6e6cf35a9c8f1df5ddb3ee0df4958970c83539ba7708bd06b91
SHA512

64ccbc010d26223f5c982610db85165d8f029f8895ede90fd503be3d649e4d8fe5faee112930884bd3b7472156f6e7ed7222d320bf71ef06d52da908efd42b39
SSDEEP

3072:PK+mttcAwwcitz9xCplVXopwppny/npY/QsJiwUSCZzi3QuX6:PK+StXlcM9xCFopwpDYXPZzu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d64b0b3dde7e36e5eba175718e39336

Files

0d64b0b3dde7e36e5eba175718e39336
.exe windows:4 windows x86 arch:x86

0da96a879abe6b03e80b720e419a3315

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
EnableWindow
GetWindowTextW
GetLastActivePopup
GetWindowLongW
GetDC
LoadCursorW
MessageBoxW
CheckMenuItem
ModifyMenuW
EnableMenuItem
GetSysColor
GetSystemMetrics
LoadBitmapW
GetParent
GetMenuCheckMarkDimensions
IsWindowEnabled
GetSysColorBrush

kernel32

GetCommandLineA
VirtualProtect
GetShortPathNameW
RtlUnwind
GetModuleFileNameA
GetEnvironmentStringsW
SetHandleCount
SetFilePointer
HeapReAlloc
VirtualAlloc
SetUnhandledExceptionFilter
IsBadCodePtr
GetProcessAffinityMask
HeapSize
HeapCreate
GetStringTypeW
GetEnvironmentStrings
FlushFileBuffers
QueryPerformanceCounter
LCMapStringA
IsBadWritePtr
VirtualFree
TerminateProcess
GetOEMCP
EnumResourceTypesW
GetSystemInfo
GetTickCount
WriteFile
HeapAlloc
SetStdHandle
VirtualQuery
GetCPInfo
GetStringTypeA
HeapFree
IsBadReadPtr
GetSystemTimeAsFileTime
HeapDestroy
GetFileAttributesA
GetStartupInfoA
UnhandledExceptionFilter
GetCurrentProcessId
GetFileType
GetCurrentProcess
GetStdHandle
FreeEnvironmentStringsW
LCMapStringW
ExitProcess

shell32

SHGetSpecialFolderPathW

shlwapi

PathFindFileNameW
PathFileExistsW
PathAppendW
PathFindExtensionW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

gdi32

SetViewportExtEx
DeleteObject
ScaleWindowExtEx
SetTextColor
DeleteDC
SaveDC
GetClipBox
SetViewportOrgEx
GetDeviceCaps
SelectObject
Escape
SetWindowExtEx
SetBkColor
CreateBitmap
SetMapMode
RestoreDC
ScaleViewportExtEx
RectVisible
PtVisible
ExtTextOutW
OffsetViewportOrgEx
TextOutW
GetStockObject

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0da96a879abe6b03e80b720e419a3315

Headers

File Characteristics

Imports

user32

kernel32

shell32

shlwapi

advapi32

gdi32

winspool.drv

ole32

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 100KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 100KB