a0c413e3241639de2aac2da366ff868f

General

Target

a0c413e3241639de2aac2da366ff868f
Size

53KB
MD5

a0c413e3241639de2aac2da366ff868f
SHA1

969fc0cabc26a1224a1df7821ed3adac892e9356
SHA256

36dfbdf068cf7135e138364b5972a676f35f15eea93eb86309fbe78b732fbadb
SHA512

29d1a78be35dca6506f3aa65d81b95679cf3a65177d190dd1646bea32ebf05d053d06ec4ec6c68f17119964cb4ef31361d5395799a1018f303389fdfb1494838
SSDEEP

768:wxb51LIl4k7W0ux/7l/qZue/YkXDIAbffurKepdYsWetGTCmSBJbgtl4jhOLTLlE:MjuXCkEe/YSDnHutGRt6kLlE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0c413e3241639de2aac2da366ff868f

Files

a0c413e3241639de2aac2da366ff868f
.exe windows:5 windows x86 arch:x86

b8a6cb8d2417ff1185caf52e924d80fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
lstrcpynW
IsValidLocale
SetConsoleCP
VirtualQuery
GlobalAddAtomW
OpenProcess
GetTempFileNameA
EnumResourceNamesA
GetSystemTimeAsFileTime
GlobalAlloc
GetACP
ReplaceFile
LoadLibraryA
FreeConsole
EnumCalendarInfoExA
GetCommandLineW
GetConsoleAliasW
AddAtomW
GetSystemWow64DirectoryA

imm32

ImmGetRegisterWordStyleW
ImmCreateContext
ImmIMPGetIMEW
ImmLoadLayout
ImmGetIMEFileNameW
ImmGenerateMessage
ImmGetCandidateListCountA
ImmSetCompositionWindow
ImmIMPSetIMEW
ImmSetHotKey
ImmGetConversionStatus
ImmGetIMCCLockCount
ImmGetImeMenuItemsA
ImmUnlockIMC
ImmGetIMCCSize
ImmSendIMEMessageExA
ImmEscapeW

wininet

SetUrlCacheEntryInfoA
SetUrlCacheEntryGroup
InternetWriteFileExW
InternetAutodial
HttpOpenRequestA
FreeUrlCacheSpaceA
InternetCreateUrlA
InternetAttemptConnect
FtpPutFileW

rasapi32

RasGetErrorStringW
RasGetEapUserIdentityA
RasSetCustomAuthDataA
RasEnumAutodialAddressesW
RasEnumDevicesW
RasGetProjectionInfoA
RasGetEntryDialParamsA
RasGetConnectStatusA
RasConnectionNotificationA
RasSetSubEntryPropertiesA

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8a6cb8d2417ff1185caf52e924d80fe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

imm32

wininet

rasapi32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB