a0fcc093126eb92283299c56e0fc9e65

Sharing

Copy URL Twitter E-mail

General

Target

a0fcc093126eb92283299c56e0fc9e65
Size

455KB
MD5

a0fcc093126eb92283299c56e0fc9e65
SHA1

3324301d4598610a978c8d40e20fd88a1f0cbd31
SHA256

831a0daf9f3e78c4f5056097a59f49263d05bb6de2ac5236a4237a48a4849aa3
SHA512

180eb176746ce30a11fa2d5d3821039ca04bddcb8b219642f8c199466722a31b99d24c32858d87772c56c1b5c5064c3dca783f23b5f6255dcabf1d3869deb379
SSDEEP

12288:kOcpiKgNBAzSYJtq9ethiixBD+Up+Ih92MtJMMnMMMMM:kqBODW9uhHxoTcMMnMMMMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0fcc093126eb92283299c56e0fc9e65

Files

a0fcc093126eb92283299c56e0fc9e65
.exe windows:4 windows x86 arch:x86

5bd4f313da04539bdb9dd9326328f069

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxIndirectParamW
GetSysColor
GetDC
LoadBitmapA
GetWindowRect
SendDlgItemMessageA
MessageBeep
DialogBoxParamA
DialogBoxIndirectParamA
ReleaseDC
EndDialog
CreateWindowExW
SendMessageW
GetDlgItemTextA
SetDlgItemTextA
LoadImageA
ShowWindow
LoadCursorA
SetFocus
DialogBoxParamW
WinHelpA
SetCursor
GetParent
EnableWindow
GetWindowLongA
LoadStringA
GetDlgItem
SetWindowLongA
CallMsgFilterA

shell32

ShellExecuteA

shlwapi

StrCatBuffW

wintrust

WintrustAddActionID
WTHelperGetProvSignerFromChain
WinVerifyTrust
WintrustRemoveActionID
WTHelperGetProvCertFromChain
WTHelperCertIsSelfSigned

msi

MsiDatabaseExportW

cfgmgr32

CM_Get_Child

kernel32

GetSystemTimeAsFileTime
lstrlenW
GetCurrentProcess
LeaveCriticalSection
HeapAlloc
GetCurrentProcessId
GetProcAddress
GetTickCount
FileTimeToSystemTime
EnterCriticalSection
HeapReAlloc
GetCurrentThreadId
VirtualAlloc
HeapFree
ExitProcess
QueryPerformanceCounter
GetDateFormatA
GetLastError
SetProcessWorkingSetSize
DeleteCriticalSection
lstrlenA
lstrcmpiA
CompareFileTime
InitializeCriticalSection
InterlockedCompareExchange
WinExec
UnhandledExceptionFilter
TerminateProcess

gdi32

GetTextMetricsA
SelectObject
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPointA
DeleteObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 221KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bd4f313da04539bdb9dd9326328f069

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

shlwapi

wintrust

msi

cfgmgr32

kernel32

gdi32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 221KB - Virtual size: 1.8MB

.rdata Size: 43KB - Virtual size: 42KB

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 28B

.rsrc Size: 181KB - Virtual size: 180KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 221KB - Virtual size: 1.8MB

.rdata
Size: 43KB - Virtual size: 42KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 28B

.rsrc
Size: 181KB - Virtual size: 180KB