0dadf2dc1a2bf0483c53525504824148

General

Target

0dadf2dc1a2bf0483c53525504824148
Size

23KB
MD5

0dadf2dc1a2bf0483c53525504824148
SHA1

9d3334c6a8c187310527ce0994432786fa929d0a
SHA256

48d06e6f96721ac9d135333b07c57a0bf58437cd2fa070295b0d347d3dd60473
SHA512

75f702b555e26a83b2097ca07040fdad9904a8e6e2526f655236518b0af39682a2739783a2227257266f4a2a4642191570dc7f7a368652eb5f2fcfeefdc48347
SSDEEP

384:dA/QapjZ6d436LmnQmZdWzI21BisaAcU0sQQGzMwbhsS7ankAj:y/QapjtDL4aeLQ7fHA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dadf2dc1a2bf0483c53525504824148

Files

0dadf2dc1a2bf0483c53525504824148
.exe windows:5 windows x86 arch:x86

3e134640a3538d4043e8e3714548897e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentExPointW
GdiConvertToDevmodeW
PATHOBJ_vGetBounds
AddFontMemResourceEx
GdiAddFontResourceW
ArcTo

user32

DrawFrame
IMPGetIMEA
TabbedTextOutA
MapVirtualKeyW
UserRegisterWowHandlers
GetMenuItemInfoW
TabbedTextOutW
SetWindowsHookExW

ole32

CoInitializeEx
GetDocumentBitStg
HPALETTE_UserUnmarshal
HBITMAP_UserSize
PropSysAllocString
HACCEL_UserUnmarshal
CoCreateInstance

advapi32

LsaQueryDomainInformationPolicy
LogonUserA
SetNamedSecurityInfoExA
LsaGetUserName
ObjectDeleteAuditAlarmW
ConvertStringSidToSidA
ConvertSecurityDescriptorToAccessA
ClearEventLogW
SystemFunction029

kernel32

SetSystemTimeAdjustment
GetConsoleCommandHistoryLengthA
SetConsoleFont
BackupSeek
VirtualFreeEx
GetVolumePathNameA
OpenSemaphoreW
CreateProcessInternalWSecure
RemoveDirectoryW
FindResourceA
MulDiv
EnumSystemLanguageGroupsA
EnumCalendarInfoA
GlobalAddAtomA
UnregisterWait

msvcrt

__p__mbcasemap
_y1
_open
__CxxLongjmpUnwind
_lrotr
_rmdir
_makepath
_wrename
_getsystime
wcsncmp

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e134640a3538d4043e8e3714548897e

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

ole32

advapi32

kernel32

msvcrt

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 4KB