0e5a82a7b838f28d842c3e1fc65b01d5

Sharing

Copy URL Twitter E-mail

General

Target

0e5a82a7b838f28d842c3e1fc65b01d5
Size

482KB
MD5

0e5a82a7b838f28d842c3e1fc65b01d5
SHA1

1b6de6bbaeece892560fe2f19eb3c52a293c30da
SHA256

81c14aec40c50c28a9c1ad9abefc9e6bcaa5b738db72e30a5cafb2ee1d46dfaa
SHA512

f69010db9dd389c56934150930ace717a7c9f21cac83d52d61b4df1b6b93387977f1736e514cde3ffff543817ab6a07153ce92c853f41d1c8ab7823ed01ab5ef
SSDEEP

6144:UfrwIRUA8rnofLAXTfdA24Jqj8SmM2/L8UlT0pKj7WhVsapG+KKzqCUSbfecE:UfczYLADlAdqISmM2TjKoC5WbSSn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e5a82a7b838f28d842c3e1fc65b01d5

Files

0e5a82a7b838f28d842c3e1fc65b01d5
.exe windows:4 windows x86 arch:x86

7c4aa440a7c8fdcb445b96766ed57a56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

CreateDesktopW
RegisterClassExA
SetDebugErrorLevel
GetDlgItemTextW
MonitorFromPoint
CharPrevW
SetWindowsHookA
SetActiveWindow
MessageBoxW
RegisterClassA
GetWindowTextLengthW
TabbedTextOutW

kernel32

GetConsoleCP
GetCurrentProcess
GetProcessHeap
MultiByteToWideChar
GetVersionExA
EnterCriticalSection
HeapDestroy
GetOEMCP
GetSystemTimeAsFileTime
VirtualAlloc
FindAtomW
IsValidLocale
GetEnvironmentStringsW
GetTimeFormatA
IsValidCodePage
FlushFileBuffers
TlsSetValue
InterlockedExchange
SetUnhandledExceptionFilter
GetCurrentProcessId
SetHandleCount
TerminateProcess
GetConsoleMode
InterlockedIncrement
SetEnvironmentVariableA
GetProcAddress
TlsFree
CreateFileA
WriteConsoleA
OpenMutexA
SetLastError
GetLastError
FreeLibrary
CreateMutexA
LCMapStringW
GetCurrentThread
HeapAlloc
DeleteCriticalSection
GetModuleFileNameA
Sleep
GetStringTypeW
HeapReAlloc
TlsGetValue
WriteFile
ReadFile
CloseHandle
SetStdHandle
VirtualFree
LeaveCriticalSection
UnhandledExceptionFilter
SetFilePointer
FreeEnvironmentStringsA
InterlockedDecrement
TlsAlloc
ExitProcess
SetConsoleCtrlHandler
GetModuleHandleA
VirtualQuery
HeapFree
LoadLibraryA
GetCommandLineA
QueryPerformanceCounter
HeapCreate
GetTickCount
CompareStringW
GetLocaleInfoW
FreeEnvironmentStringsW
GetStartupInfoA
GetLocaleInfoA
WriteConsoleW
GetStringTypeA
IsDebuggerPresent
RtlUnwind
GetCPInfo
InitializeCriticalSection
GetFileType
EnumSystemLocalesA
GetStdHandle
GetCurrentThreadId
GetUserDefaultLCID
WideCharToMultiByte
GetEnvironmentStrings
HeapSize
CreateSemaphoreA
GetDateFormatA
LCMapStringA
CompareStringA
GetConsoleOutputCP
GetACP
GetTimeZoneInformation

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c4aa440a7c8fdcb445b96766ed57a56

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 9KB - Virtual size: 29KB

.data Size: 310KB - Virtual size: 310KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 9KB - Virtual size: 29KB

.data
Size: 310KB - Virtual size: 310KB

.rsrc
Size: 7KB - Virtual size: 6KB