a0ec6c8579c1dfb0df7e7fc8c22730d7

General

Target

a0ec6c8579c1dfb0df7e7fc8c22730d7
Size

1.0MB
MD5

a0ec6c8579c1dfb0df7e7fc8c22730d7
SHA1

5d6f49db1adcf76e719546f1837b06d2ec316af8
SHA256

e7c182d6dfe7b891ffdbba3cf64dab02feadd4a4376e65c131e813ec0e13d578
SHA512

bbad06ebe0e7dbb307c7e68cabbdb9087623b066ef6f17842bc219253cd684df8d61b750ead68e88c2f2aeda6bccc9faeeb53c81cbb415439f751efe4cf0ba47
SSDEEP

24576:RuDqDsy0NBw16xg3A/cgEIoqKgy7RfwLzzeQLDTCTVgQaY9wAEY3Wc:RuDqDsy0NBm6xwu0IIfF

Score

7^/10

Malware Config

Signatures

Molebox Virtualization software 1 IoCs

Detects file using Molebox Virtualization software.

resource	yara_rule
sample	molebox

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0ec6c8579c1dfb0df7e7fc8c22730d7

Files

a0ec6c8579c1dfb0df7e7fc8c22730d7
.exe windows:4 windows x86 arch:x86

9a8c7199539cab61ba479069673ca55d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
ExitProcess
FindAtomA
FormatMessageA
GetAtomNameA
GetLastError
GetTickCount
SetUnhandledExceptionFilter

msvcrt

_getpid
_strdup
__getmainargs
__mb_cur_max
__p___argv
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_isctype
_onexit
_pctype
_setmode
_stricmp
_strnicmp
_vsnprintf
abort
atexit
exit
fclose
feof
ferror
fgets
fopen
fprintf
fread
free
fwrite
getenv
malloc
memcpy
memset
printf
putchar
puts
rewind
signal
strchr
strcmp
strlen
strncmp
time
vfprintf

user32

DialogBoxParamA
EndDialog
GetDlgItemTextA
MessageBoxA
SetDlgItemTextA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024KB - Virtual size: 1023KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ctors
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9a8c7199539cab61ba479069673ca55d

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 1024KB - Virtual size: 1023KB

.ctors Size: 512B - Virtual size: 4B

.rdata Size: 6KB - Virtual size: 6KB

.bss Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 344B

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 1024KB - Virtual size: 1023KB

.ctors
Size: 512B - Virtual size: 4B

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 344B