0a2d0acdc0543f253985adf481e5d5003e20038b568e07e5292775c13cfb3812[.]OA

Sharing

Copy URL

Twitter E-mail

General

Target

0a2d0acdc0543f253985adf481e5d5003e20038b568e07e5292775c13cfb3812.OA
Size

575KB
MD5

6d73b7e3967ec42f90bae88b410a8351
SHA1

2ff8579cc1102be946eaa8e8b6704463965fea74
SHA256

1d42b72a61bdfdb6aecc1df67f1705ebeadef1bc48aaa011b97c85de2f932e06
SHA512

34c5b26d2839c9617f42b2b125ecd8569f16b2654c55673d19ba3e646b2c1c1757c76082abd3b9970bf1b1db39fbabf25270d2999ab45cd629f3f87736ee5117
SSDEEP

12288:Hz+YmJJuGZYbzz2IgfFblCJxfS6ysoraDfqf1b/gjP2A9Ps6:dsJJYaICOR1FZDfqf1b/gjP2QP7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a2d0acdc0543f253985adf481e5d5003e20038b568e07e5292775c13cfb3812.OA

Files

0a2d0acdc0543f253985adf481e5d5003e20038b568e07e5292775c13cfb3812.OA
.exe windows:4 windows x86 arch:x86

85f1712b277344e638a110887ff00d32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleFileNameA
GetFirmwareEnvironmentVariableA
DeleteTimerQueue
GetTapeStatus
GlobalMemoryStatusEx
HeapWalk
SetFilePointerEx
SetFirmwareEnvironmentVariableA
CreateThread

comdlg32

ChooseColorA
PageSetupDlgW

clusapi

OpenCluster

urlmon

CoInternetCombineUrl

imm32

ImmDestroyContext

pdh

PdhGetCounterInfoW

user32

wsprintfW

ntdsapi

DsFreeSpnArrayA

msvcrt

wcstoul
isalnum
memcpy

ole32

HMENU_UserUnmarshal

setupapi

SetupBackupErrorA

oleaut32

VarCyFromI1

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ordo
Size: 4KB - Virtual size: 849B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.t
Size: 4KB - Virtual size: 46B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mrt1
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85f1712b277344e638a110887ff00d32

Headers

File Characteristics

Imports

kernel32

comdlg32

clusapi

urlmon

imm32

pdh

user32

ntdsapi

msvcrt

ole32

setupapi

oleaut32

Sections

.text Size: 16KB - Virtual size: 12KB

ordo Size: 4KB - Virtual size: 849B

.t Size: 4KB - Virtual size: 46B

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 100KB - Virtual size: 368KB

.mrt1 Size: 100KB - Virtual size: 97KB

CODE Size: 100KB - Virtual size: 97KB

.rsrc Size: 96KB - Virtual size: 94KB

.text
Size: 16KB - Virtual size: 12KB

ordo
Size: 4KB - Virtual size: 849B

.t
Size: 4KB - Virtual size: 46B

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 100KB - Virtual size: 368KB

.mrt1
Size: 100KB - Virtual size: 97KB

CODE
Size: 100KB - Virtual size: 97KB

.rsrc
Size: 96KB - Virtual size: 94KB