a0e102e88f81ceff687cc12efcc5a149

General

Target

a0e102e88f81ceff687cc12efcc5a149
Size

68KB
MD5

a0e102e88f81ceff687cc12efcc5a149
SHA1

0b6c9bdf88561870d7b33d207f3745bf7306c552
SHA256

dc72bc412edba20a76e786ccd23d9f5ba37c356f800b84fc555ddd7afd98c229
SHA512

21922c2a90b3a2e9f4d29e384ba79df0595c5897163f291ec4102218805f83988fbb0a590c55e6062760332b477ca8462f0b3eab4722fa6b20fb3c3ba5a077fd
SSDEEP

1536:SaHdAJ+SWStNuy0X7wzGkFsmdkvfxaRnj4IQ0lqT90nvVFGmrk/:rHmzhZwwi6smdp4IQ0lc0nvVzk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0e102e88f81ceff687cc12efcc5a149

Files

a0e102e88f81ceff687cc12efcc5a149
.dll windows:4 windows x86 arch:x86

39accf7541b36a54ba7a7d090eb1d235

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessWorkingSetSize
WaitNamedPipeA
VirtualAlloc
GetTapePosition
FindFirstFileA
GetVDMCurrentDirectories
GetWriteWatch
HeapValidate
GetCommandLineA
VerifyVersionInfoA
GetNamedPipeInfo
UpdateResourceA
ResetWriteWatch
ExitProcess
GetModuleFileNameA
GetCommandLineW
OpenFileMappingA
GetSystemTime
GetModuleFileNameA
GetDefaultCommConfigA
PostQueuedCompletionStatus
GetCommMask
GetVolumePathNameA
UnlockFile
CopyFileExW

wininet

InternetOpenUrlA
DeleteUrlCacheEntryW
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA
InternetConnectA
InternetOpenA

user32

GetClipboardSequenceNumber
TrackPopupMenuEx
RegisterUserApiHook
EndDeferWindowPos
FlashWindow
GetInternalWindowPos
GetProcessDefaultLayout
GetMenuItemInfoA
ImpersonateDdeClientWindow
DispatchMessageA
GetWindowTextA
FindWindowExA
DefDlgProcA
InSendMessageEx
GetSysColorBrush
PostThreadMessageA
GetAltTabInfoA
EnumDisplaySettingsExA
GetParent
GetProgmanWindow
GetUpdateRect
MessageBoxIndirectA
OpenClipboard
ReplyMessage
DestroyCursor

Exports

Exports

GetTeqwrfih
Ewgcpukmv

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39accf7541b36a54ba7a7d090eb1d235

Headers

File Characteristics

Imports

kernel32

wininet

user32

Exports

Exports

Sections

.itext Size: - Virtual size: 3KB

.text Size: 56KB - Virtual size: 187KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.itext
Size: - Virtual size: 3KB

.text
Size: 56KB - Virtual size: 187KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB