0e5a4a09501337f0c9a4b4aafc84939b

Sharing

Copy URL

Twitter E-mail

General

Target

0e5a4a09501337f0c9a4b4aafc84939b
Size

386KB
MD5

0e5a4a09501337f0c9a4b4aafc84939b
SHA1

9f8b726473cfb7bd042c264734c623fbe4f9a907
SHA256

0b5c9142d95f3568e05cc9d061f0b031e87b6953850f884b5d9d4593651da4fc
SHA512

797df6bf84b9581eb326f294d9f3d61b2e2d75427b4839c349fa2062e1f03d9a12b4690cbb2fce419b8c70afd72d0036db822ebce029454a2a0aa05f8d0ea406
SSDEEP

12288:mnIQVdJGY/ECnCAV2FXl5VpmLFvAToN364HOzjLTvceqF7TekvPDix:EZalmLFU4HOnL07jPDQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e5a4a09501337f0c9a4b4aafc84939b

Files

0e5a4a09501337f0c9a4b4aafc84939b
.exe windows:4 windows x86 arch:x86

49ca797c57a51c46e40001ee541e3360

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetUserObjectInformationW
RegisterClassExA
SetWindowTextW
RegisterClassA
IsCharAlphaW
LoadMenuIndirectA
GetWindowPlacement

comdlg32

ReplaceTextW

comctl32

InitCommonControlsEx

kernel32

WriteFile
GetStringTypeA
GetDateFormatA
SetHandleCount
HeapReAlloc
GetModuleFileNameW
GetStringTypeW
GetCommandLineA
GetStartupInfoW
TlsGetValue
SetWaitableTimer
WideCharToMultiByte
ReadFile
OpenWaitableTimerA
InterlockedExchange
GetOEMCP
GetFileType
GetVersionExA
SetFilePointer
TlsFree
HeapDestroy
FreeEnvironmentStringsW
IsValidCodePage
GetTickCount
TransmitCommChar
CompareStringA
DeleteCriticalSection
GetProcAddress
IsBadWritePtr
VirtualQuery
LCMapStringW
EnumSystemLocalesA
InitializeCriticalSection
HeapCreate
TlsSetValue
GetModuleFileNameA
FreeEnvironmentStringsA
GetACP
SetStdHandle
GetStdHandle
HeapFree
CompareFileTime
ExitProcess
GetCurrentProcessId
GetCurrentThread
GetTimeZoneInformation
HeapSize
CreateMutexA
UnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
CloseHandle
GetUserDefaultLCID
MultiByteToWideChar
SetLastError
TerminateProcess
IsValidLocale
GetTimeFormatA
GetEnvironmentStringsW
GetSystemInfo
TlsAlloc
SetEnvironmentVariableA
GetEnvironmentStrings
OpenMutexA
VirtualFree
GetLastError
CompareStringW
GetStartupInfoA
GetCurrentProcess
GetCommandLineW
QueryPerformanceCounter
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetModuleHandleA
FlushFileBuffers
HeapAlloc
GetCurrentThreadId
GetLocaleInfoW
LoadLibraryA
GetCPInfo
FileTimeToDosDateTime
RtlUnwind
GetSystemTimeAsFileTime
LCMapStringA

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49ca797c57a51c46e40001ee541e3360

Headers

File Characteristics

Imports

user32

comdlg32

comctl32

kernel32

Sections

.text Size: 159KB - Virtual size: 158KB

.rdata Size: 7KB - Virtual size: 36KB

.data Size: 207KB - Virtual size: 207KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 159KB - Virtual size: 158KB

.rdata
Size: 7KB - Virtual size: 36KB

.data
Size: 207KB - Virtual size: 207KB

.rsrc
Size: 11KB - Virtual size: 11KB