c0bca6e083b6580bec3c49cfc57a856a

General

Target

c0bca6e083b6580bec3c49cfc57a856a
Size

152KB
MD5

c0bca6e083b6580bec3c49cfc57a856a
SHA1

366f545201e8e87d5e86af5707432e1f5ff5d56d
SHA256

e291248f809f1d86c6c69c3a0a4abeda417547122486e272ea09794da9b3889f
SHA512

f8ecf230139b281978662900611acc282f120cb7ea6174911c8953fe2f0b66ee3945dd898448edaef95d32c19a9de64646d92b3429624b97eabf05505c52a2db
SSDEEP

3072:/xNUDexzLLVerzg6K8lmS/ZHIOp5n+v1IsI6JLjXgDZFcT/YOHbRUxqgSxLrvRW+:5dLAE6ZlXh5n+NB9bgD0zYMQ3wN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0bca6e083b6580bec3c49cfc57a856a

Files

c0bca6e083b6580bec3c49cfc57a856a
.dll windows:4 windows x86 arch:x86

a229e4561697dcac8b31cc6789582640

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
CommDlgExtendedError

kernel32

GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcess
GetConsoleKeyboardLayoutNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetExitCodeProcess
FindFirstFileW
CopyFileW
FindNextFileW
SetFileAttributesW
MoveFileW
FindClose
SetLastError
OpenProcess
UnregisterWaitEx
RegisterWaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FormatMessageW
GetTickCount
CreateEventW
CreateThread
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
ResetEvent
SetEvent
GetFileAttributesExW
ReleaseMutex
WaitForMultipleObjects
CreateMutexW
CloseHandle
WaitForSingleObject
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
LocalAlloc
LocalFree
GetLastError
InterlockedDecrement
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime
TerminateProcess
DeleteFileW
RemoveDirectoryW
SetEnvironmentVariableW
DisableThreadLibraryCalls
DebugBreak
InitializeCriticalSectionAndSpinCount

oleaut32

DispGetIDsOfNames
CreateErrorInfo
OleCreateFontIndirect
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 102KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a229e4561697dcac8b31cc6789582640

Headers

File Characteristics

Imports

comdlg32

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 102KB - Virtual size: 114KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 46KB - Virtual size: 45KB

.reloc Size: 512B - Virtual size: 306B

.text
Size: 102KB - Virtual size: 114KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 46KB - Virtual size: 45KB

.reloc
Size: 512B - Virtual size: 306B