0f394734c65d44915060b36a0b1a972d

General

Target

0f394734c65d44915060b36a0b1a972d
Size

365KB
MD5

0f394734c65d44915060b36a0b1a972d
SHA1

426bc6bb3704441e5804d75ad020706f06b3db5d
SHA256

7dee2bd4e317d12c9a2923d0531526822cfd37eabfd7aecc74258bb4f2d3a643
SHA512

95dd09d429746ec95a86b731f2e86b643c35273a0f8d9350ba0d6b821ec082273aeb32463aecf98e5f36af3b0dc7e9dbe38d6b9208d8cea5d3b89708bb0b2f81
SSDEEP

6144:6GdIfnPxW3l1zo9X14HyuciAhM7vk6uGQzgYsCmXiL+jvJNxvgfD:1dIKlahgzAhMQ6u9gYsCmXJjvHFa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f394734c65d44915060b36a0b1a972d

Files

0f394734c65d44915060b36a0b1a972d
.exe windows:4 windows x86 arch:x86

9c0446ba1cf83e6d888c594178d6b2d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
Sleep
GetWindowsDirectoryA
SetCurrentDirectoryA
GetLastError
CreateMutexA
GetTickCount
LoadLibraryA
GlobalAlloc
ReadFile
GetLocaleInfoA
GetComputerNameA
GetModuleFileNameA
GetTempPathA
CreateProcessA
GetFileAttributesA
SetFilePointer
LocalAlloc
LocalFree
DeleteFileA
CreateFileA
WriteFile
SetFileTime
GlobalFree
CloseHandle
SetEndOfFile
LCMapStringW
LCMapStringA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW

advapi32

OpenSCManagerA
OpenServiceA
ControlService
DeleteService
CloseServiceHandle
RegOpenKeyA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyA
GetUserNameA

shell32

ShellExecuteA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9c0446ba1cf83e6d888c594178d6b2d5

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

iphlpapi

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 26KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 26KB