a0d6a28e6233b7f5a2a1952ce6f04800

General

Target

a0d6a28e6233b7f5a2a1952ce6f04800
Size

126KB
MD5

a0d6a28e6233b7f5a2a1952ce6f04800
SHA1

91d1e9a894df167a3f130e26e80bbc71cb990e2a
SHA256

98b11b1881ac3cba59e76e3b1ee9b98fe6c9a6674837e27c0f10230fd8aa75a1
SHA512

21580e2f4604821fa0d386dc50a6e84f665adb5f51997fb7ef5c8859222a59c59d32479e29bfd03bec80c284d7e0070ea00b57e52f55d0dd56112549e679bae9
SSDEEP

3072:BycPap6okGDZ9t7pQQqjg81dInbKEX6NDzDAb:AL5UtdibHKNLA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0d6a28e6233b7f5a2a1952ce6f04800

Files

a0d6a28e6233b7f5a2a1952ce6f04800
.exe windows:5 windows x86 arch:x86

f02bb17b5290142b058fe6afb5342cd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
atoi
wcstoul
srand
isalpha
free
ctime
strrchr
_access
wcscat
__p__osver
__setusermatherr
__set_app_type
__p__fmode
_cexit
?terminate@@YAXXZ
__getmainargs
__p__iob
_finite
_chsize
__CxxFrameHandler
fread
_XcptFilter
_wtoi
isdigit

ole32

CLSIDFromProgID
CoFreeUnusedLibraries
OleInitialize
CoRevertToSelf
CreateBindCtx
StgIsStorageFile
OleSaveToStream
WriteClassStm
CoMarshalInterface
StringFromGUID2
OleRegGetMiscStatus
OleLoadFromStream

user32

GetWindowTextW
SystemParametersInfoW
GetClassNameA
LoadImageW
SystemParametersInfoA
SendMessageW
IsRectEmpty
SetDlgItemTextW
ChangeMenuA
GetCapture
GetSystemMetrics
RegisterClassExW
PtInRect
IsWindow
IsChild
IsIconic
IsWindowEnabled
CharNextA
GetAncestor
CharUpperA

kernel32

CompareStringW
GetCurrentThreadId
VirtualAlloc
RtlUnwind
FindNextFileA
GetCurrentProcessId
GetLocalTime
lstrcmpA
HeapReAlloc
GetWindowsDirectoryW
ExitProcess
WriteFile
GlobalUnlock
MultiByteToWideChar
LocalFree
FindNextFileW
OutputDebugStringA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 54KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f02bb17b5290142b058fe6afb5342cd9

Headers

File Characteristics

Imports

msvcrt

ole32

user32

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 66KB - Virtual size: 65KB

.data Size: 54KB - Virtual size: 164KB

.reloc Size: 512B - Virtual size: 483B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 66KB - Virtual size: 65KB

.data
Size: 54KB - Virtual size: 164KB

.reloc
Size: 512B - Virtual size: 483B