0e4f0a92cd1264e20aee4f0a62925ca8

General

Target

0e4f0a92cd1264e20aee4f0a62925ca8
Size

67KB
MD5

0e4f0a92cd1264e20aee4f0a62925ca8
SHA1

59e7a21c5df9e624f3a478e314fe151e50251eaf
SHA256

83f01ce241f3dd4b677e1682385fac3d80d6c4bd7fa525d666f6634f443d70c0
SHA512

01ee9319810286bc873a75ef0ad5f1ba92515d7121bfbe11177dc9897511de0c2134f09fdbd4cbb891843f526a2b69621ffa53600999230bfebc59813b3ba3bb
SSDEEP

1536:xzBVDmgc8GYGuE5MCACP/LindPZLBOkbI8Wb:pt0YG35MrkQtOGW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e4f0a92cd1264e20aee4f0a62925ca8

Files

0e4f0a92cd1264e20aee4f0a62925ca8
.exe windows:4 windows x86 arch:x86

438e5444ac96dd4c75f343f04f40d8c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
lstrcpyA
GetFileTime
GlobalLock
SetEvent
SetFileTime
CreateProcessW
ReleaseMutex
CreateMutexW
VirtualAlloc
VirtualProtect
lstrlenA
GetFileAttributesA
CloseHandle
lstrcatW
FindNextFileW
GetFileSize
HeapReAlloc
WideCharToMultiByte
lstrcmpiW
MultiByteToWideChar
WaitForSingleObject
lstrcpyW
EnterCriticalSection
GetModuleFileNameW

user32

GetForegroundWindow
CharLowerBuffA
OpenWindowStationA
GetKeyState
LoadCursorA
DrawIcon
ExitWindowsEx
MsgWaitForMultipleObjects
GetClassNameA
DispatchMessageA
CloseWindowStation
GetDlgItemTextA
GetClipboardData
GetKeyboardState
GetDlgItem
GetWindowLongA
SetThreadDesktop
GetWindowThreadProcessId

shlwapi

StrCmpNIA
PathFileExistsW
StrCmpNIW
wnsprintfW
wnsprintfA
PathCombineW
SHDeleteKeyA
PathRemoveFileSpecW
PathFindFileNameW
wvnsprintfW
wvnsprintfA
PathMatchSpecW

advapi32

CryptHashData
CryptAcquireContextW
CryptReleaseContext
RegCreateKeyExA
RegDeleteValueA
CryptCreateHash
RegEnumKeyExA
DuplicateTokenEx
RegQueryValueExA

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

438e5444ac96dd4c75f343f04f40d8c7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Sections

.text Size: 66KB - Virtual size: 65KB

.data Size: 512B - Virtual size: 16KB

.text
Size: 66KB - Virtual size: 65KB

.data
Size: 512B - Virtual size: 16KB