c0a214a4b28d1cbc93794859f344f99e

Sharing

Copy URL Twitter E-mail

General

Target

c0a214a4b28d1cbc93794859f344f99e
Size

701KB
MD5

c0a214a4b28d1cbc93794859f344f99e
SHA1

74d0033647a08d89b0b09e2dbff7c3751d37fba4
SHA256

81af6762a0675a911dd7e6caece8f0827b253a7e1eb6f77dcfed560cacaa4da6
SHA512

4004fe91dc011705e83251d29c3bf22367d3ab26d06f75ec13081e8b64f23d6717ac16db35b08c1efeb6f808035fa044293001b8a30ce59e26055c262f31fcde
SSDEEP

12288:iiz3mb2VLy9+WalJl/5CDnIa9fSesn/WiDxi2wgRSRIwzy76fpwVDh257mUXCnZ:/34Hml/i39PsWiti2wIP7upwDh25adZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0a214a4b28d1cbc93794859f344f99e

Files

c0a214a4b28d1cbc93794859f344f99e
.exe windows:4 windows x86 arch:x86

64ace19ffed827445775dc45d3fd3e40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
SetConsoleCursorInfo
DebugBreak
RtlUnwind
GetProcAddress
RaiseException
FreeLibrary
GetConsoleMode
InterlockedExchange
GetCurrentThread
IsValidLocale
VirtualFree
GetStringTypeW
GetConsoleCP
DeleteCriticalSection
CreateFileA
UnhandledExceptionFilter
CreateMutexA
GetLocaleInfoA
SetEnvironmentVariableA
ExitProcess
TlsGetValue
SetUnhandledExceptionFilter
GetStartupInfoW
GetComputerNameA
LCMapStringW
GetCommandLineW
LocalHandle
GetSystemDefaultLCID
MultiByteToWideChar
IsDebuggerPresent
GetStringTypeA
Sleep
InterlockedDecrement
EnumSystemCodePagesA
HeapCreate
GetSystemTimeAsFileTime
GetFileType
GetLastError
GetStdHandle
TlsSetValue
LoadLibraryA
GetStartupInfoA
LoadLibraryW
TlsAlloc
GetThreadTimes
HeapAlloc
EnumSystemLocalesA
CompareStringW
SetTimeZoneInformation
GetFullPathNameA
GetCurrentProcessId
TlsFree
GetCPInfo
OutputDebugStringW
GetTickCount
TransmitCommChar
GetFileAttributesW
EnterCriticalSection
WriteConsoleA
HeapDestroy
GetModuleHandleW
GetTimeFormatA
GetCurrentThreadId
SetFileAttributesW
FreeEnvironmentStringsW
GetLocaleInfoW
LCMapStringA
GetTimeZoneInformation
HeapValidate
IsValidCodePage
HeapSize
HeapReAlloc
GetDateFormatA
VirtualQuery
InterlockedIncrement
GetPrivateProfileSectionA
GetNamedPipeHandleStateW
SetConsoleCtrlHandler
GetCurrentProcess
VirtualAlloc
InitializeCriticalSectionAndSpinCount
SetHandleCount
SetFilePointer
GetModuleFileNameW
LeaveCriticalSection
SetStdHandle
WaitNamedPipeW
WriteFile
GetModuleHandleA
lstrlenA
QueryPerformanceCounter
WriteConsoleW
GetThreadLocale
OpenMutexA
IsBadReadPtr
SetLastError
GetConsoleOutputCP
GetProcessHeap
GetUserDefaultLCID
OpenSemaphoreA
ReadFile
FlushFileBuffers
HeapFree
GetModuleFileNameA
OutputDebugStringA
TerminateProcess
GetACP
GetOEMCP
CloseHandle
GetCommandLineA
GetEnvironmentStringsW
ReadConsoleOutputCharacterW
CompareStringA
FileTimeToDosDateTime

comctl32

InitCommonControlsEx

user32

GetListBoxInfo
RegisterClassA
SetRectEmpty
PostThreadMessageW
GetWindowTextA
RegisterClassExA
ValidateRect
DrawCaption
WinHelpA
VkKeyScanW
CallWindowProcW
AttachThreadInput
FreeDDElParam

Sections

.text
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64ace19ffed827445775dc45d3fd3e40

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 321KB - Virtual size: 321KB

.rdata Size: 48KB - Virtual size: 72KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 321KB - Virtual size: 321KB

.rdata
Size: 48KB - Virtual size: 72KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 13KB - Virtual size: 13KB