0ecfe9232653371177b6bbd29185cb15

Sharing

Copy URL Twitter E-mail

General

Target

0ecfe9232653371177b6bbd29185cb15
Size

278KB
MD5

0ecfe9232653371177b6bbd29185cb15
SHA1

e11c3c1ced3356cd45e2284f6ebef75772b67fa4
SHA256

a7a01e424c699283bb5e27ac6c0ada7048a8853cea371a9c8a37bd98ab22cbca
SHA512

e5929cc9621ebc2df36b9cbf0f912e990b35df662041e1915501bae41a65d8b90e6db52bfaddf107a84f29916467088b3ab38ae35d4a573e6999acbe23d79d53
SSDEEP

6144:F6xunk2kas11sFENA0Nc7rLEg6baTJuOINZX3jYwu:w2+11sWAVX8UuOqHjy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ecfe9232653371177b6bbd29185cb15

Files

0ecfe9232653371177b6bbd29185cb15
.exe windows:4 windows x86 arch:x86

d633730cd73b422397733eae589d1151

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetStdHandle
OpenSemaphoreA
SetWaitableTimer
GetLocaleInfoA
ReadFile
HeapAlloc
WriteFile
TlsAlloc
IsValidLocale
TlsSetValue
GetConsoleTitleA
EnterCriticalSection
EnumSystemLocalesA
SetHandleCount
SetLastError
CompareStringW
GetOEMCP
GetStartupInfoA
GlobalGetAtomNameW
MultiByteToWideChar
GetCommandLineA
GetStartupInfoW
GetCommandLineW
FoldStringW
GetSystemInfo
TlsGetValue
GetModuleFileNameW
GetProcAddress
ResumeThread
GetLocaleInfoW
VirtualProtect
FileTimeToSystemTime
GetCPInfo
OpenFileMappingW
GetTimeFormatA
VirtualQuery
IsValidCodePage
VirtualFree
LCMapStringW
DeleteCriticalSection
GetUserDefaultLCID
TlsFree
GetLastError
HeapReAlloc
IsBadWritePtr
ExitProcess
FreeEnvironmentStringsW
UnlockFileEx
VirtualAlloc
WideCharToMultiByte
QueryPerformanceCounter
GetCurrentProcess
HeapDestroy
GetModuleHandleA
GetEnvironmentStrings
GetVersionExA
HeapCreate
GetCurrentThreadId
LeaveCriticalSection
UnhandledExceptionFilter
GetACP
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsA
GetTempPathW
GetTickCount
GetStringTypeW
CreateWaitableTimerW
GetDateFormatA
SetEnvironmentVariableA
LCMapStringA
RtlUnwind
GetCurrentThread
GetSystemTimeAsFileTime
InterlockedExchange
InitializeCriticalSection
lstrcpynW
GlobalLock
GetFileType
EnumCalendarInfoExA
GetStringTypeA
GetTimeZoneInformation
HeapFree
TerminateProcess
LoadLibraryA

comdlg32

FindTextW
ChooseColorA
GetOpenFileNameA
PageSetupDlgA
PrintDlgA
PrintDlgW

shell32

FindExecutableA
RealShellExecuteExA
SHLoadInProc
DragQueryFileW

gdi32

FillPath
CopyEnhMetaFileA
SetColorSpace
GetEnhMetaFileW
CreateDCW
StretchBlt
GetCharABCWidthsFloatA
EndDoc
StrokeAndFillPath
CreatePolygonRgn
CreateCompatibleBitmap
CreateCompatibleDC
UpdateICMRegKeyW
SelectPalette

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d633730cd73b422397733eae589d1151

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

gdi32

Sections

.text Size: 148KB - Virtual size: 147KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 148KB - Virtual size: 147KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 16KB - Virtual size: 16KB