0ecd24d32b9c4d19f7e8c8ebb7fa47c9

Sharing

Copy URL Twitter E-mail

General

Target

0ecd24d32b9c4d19f7e8c8ebb7fa47c9
Size

140KB
MD5

0ecd24d32b9c4d19f7e8c8ebb7fa47c9
SHA1

2abccbc8c3a7b963433cd81e1b793faf9632a856
SHA256

d361b5a98a928b44750598a807982833ae72b55fe3754e79453aabfc3bb89356
SHA512

29c3cde597bcab4a5e2657702bbea8e7b8aa3315a9cea122e2bf3b2de1002ce109b837a5024f7a56adecfbc95dadf8ad42c3a981294a3be07956298fe5084e45
SSDEEP

3072:jxG1j5w/7VNt/dLRqaO4qR69FY9BQaiOw8ULnjRbK:FGzw/7Vj/7NODR6mBQaiOwpjN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ecd24d32b9c4d19f7e8c8ebb7fa47c9

Files

0ecd24d32b9c4d19f7e8c8ebb7fa47c9
.exe windows:4 windows x86 arch:x86

d51e6e0783a311bd65ab31f397c1b3a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHQueryValueExA
SHStrDupA
SHEnumValueA
SHSetValueA
SHQueryInfoKeyA
SHDeleteValueA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
FindTextA

kernel32

GetProcessHeap
HeapAlloc
GlobalAddAtomA
GetSystemDefaultLangID
LockResource
GetModuleHandleA
GetStdHandle
GetOEMCP
LoadLibraryExA
LoadResource
GlobalAlloc
lstrlenW
GetThreadLocale
RaiseException
InitializeCriticalSection
VirtualAllocEx
GetStartupInfoA
GetLocalTime
GetACP
GetVersion
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetProcAddress
IsBadReadPtr
HeapFree
GlobalFindAtomA
ExitThread
lstrlenA
GetTickCount
LoadLibraryA
GetVersionExA
GlobalDeleteAtom
GetUserDefaultLCID
GetLastError
GetModuleHandleW
ExitProcess
GetModuleFileNameA

shell32

SHFileOperationA

msvcrt

wcstol
strncmp
asin
wcschr
exp
pow
strlen
tolower

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 527B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d51e6e0783a311bd65ab31f397c1b3a7

Headers

File Characteristics

Imports

shlwapi

comdlg32

kernel32

shell32

msvcrt

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 527B

DATA Size: 4KB - Virtual size: 882B

.hdata Size: 12KB - Virtual size: 9KB

.adata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 527B

DATA
Size: 4KB - Virtual size: 882B

.hdata
Size: 12KB - Virtual size: 9KB

.adata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB