c71d5d492f08cdf1e5493d82703b7f115f0f49dc7386c205c5be3dc50e4d992a

Sharing

Copy URL Twitter E-mail

General

Target

c71d5d492f08cdf1e5493d82703b7f115f0f49dc7386c205c5be3dc50e4d992a
Size

56KB
MD5

dc3bd9fd5a10ad93c86a592e8ced4338
SHA1

8d34c23fbb598fc1f3ed564784fc28787b05816b
SHA256

c71d5d492f08cdf1e5493d82703b7f115f0f49dc7386c205c5be3dc50e4d992a
SHA512

182b8c223d2433154de69144d8d82167c3391e3d700ba7456922e9c4b637431d48ed895be848591645271ddac27e349720a3963cf46abd336b2bfee52f6146e9
SSDEEP

768:sVz0SAtmCRf5+pEAqZ9Vvvutd4psWYGaJ3iqhJ8b2OXbfn98U:sVQSxm5+ibZGtd4prYGaJSqvs/b98U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c71d5d492f08cdf1e5493d82703b7f115f0f49dc7386c205c5be3dc50e4d992a

Files

c71d5d492f08cdf1e5493d82703b7f115f0f49dc7386c205c5be3dc50e4d992a
.dll windows:4 windows x86 arch:x86

132423414b2b24e6deeb6937024a4ba2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ovnpro.exe

?getmenuview@@YAPAUviewstr@@XZ
?txconvertable@@YAPAUos_error@@HHPAUfilestr@@@Z
?pagesectionof@@YAHPAUchainobject@@PAUfilestr@@PAH2@Z
?fob_find@@YAPAXHPAUfilestr@@@Z
?nselected@@YAHPAHPAUfilestr@@@Z
?sc_remove@@YAPAUos_error@@HPAU1@@Z
?sc_namex@@YAPADH@Z
?sc_create@@YAPAUos_error@@PAH@Z
?sfree@@YAPAUos_error@@PAPAX@Z
?fob_create@@YAPAUos_error@@HPAUfilestr@@HPAPAX@Z
?dxloadchunk@@YAPAUos_error@@PADHPAHPAUfilestr@@@Z
?pictloadsub@@YAPAUos_error@@HHPAUposnstr@@@Z
?modfile@@YAPAUos_error@@PAUfilestr@@H@Z
?bmpinitpicture@@YAPAUos_error@@HHPAUfilestr@@@Z
?fob_delete@@YAPAUos_error@@HPAUfilestr@@@Z
?salloc@@YAPAUos_error@@PAPAXH@Z
?addevent@@YAPAUos_error@@HP6APAU1@HHPAXH@ZH@Z
?wimpt_programname@@YAPADXZ
?zreport@@YAXPAUos_error@@@Z
?addsymboltable@@YAPAUos_error@@PAUfndefn@@PAUxfnlink@@@Z
?remevent@@YAPAUos_error@@HP6APAU1@HHPAXH@ZH@Z
?addwinmessage0@@YAPAUos_error@@P6APAU1@PAUtagMSG@@HPAH11@ZHHH@Z
_GetProcAddress@8
_LoadLibraryA@4
_OpenFile@12
_lstrcatA@8
_lstrcpyA@8
_GetWindowsDirectoryA@8
_FreeLibrary@4
wsprintfA
?enablewindow@@YAPAUos_error@@HHH@Z
?scale@@YAHHHH@Z
_GlobalFree@4
_GlobalUnlock@4
_GlobalLock@4
_GlobalSize@4
?fs_delete@@YAPAUos_error@@PAD@Z
__lclose@4
?fs_checkextension@@YAXPAD0@Z
_GlobalAlloc@8

Exports

Exports

entrypoint

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

132423414b2b24e6deeb6937024a4ba2

Headers

File Characteristics

Imports

ovnpro.exe

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 4KB - Virtual size: 3KB