0de860522a4f1d44390829c356a28f7b39c26b5c026fe453a38a1e6b530f052fN

Sharing

Copy URL Twitter E-mail

General

Target

0de860522a4f1d44390829c356a28f7b39c26b5c026fe453a38a1e6b530f052fN
Size

69KB
MD5

30b733a69f5d569b5121a1151faa6780
SHA1

d89d10628c3e058c97d633350cae821e87666919
SHA256

0de860522a4f1d44390829c356a28f7b39c26b5c026fe453a38a1e6b530f052f
SHA512

ad37b3fb2c7c266a097864149c60cdfbfdfcfa5a9bab338bd8f54d12d9dbd9fb9438c2e753bc4a8f8016a0ba7cb6e1f2ebf2ce8a7ffb53406267b91d3e25699d
SSDEEP

768:jB43uqC+0Lo+RJbaf+s4g/Tgl4iYAiN/F+:rqCVLPa2WnN/F+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0de860522a4f1d44390829c356a28f7b39c26b5c026fe453a38a1e6b530f052fN

Files

0de860522a4f1d44390829c356a28f7b39c26b5c026fe453a38a1e6b530f052fN
.exe windows:4 windows x86 arch:x86

0b755ec2f7365f3897ed4c4462cf700a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateProcessA
lstrcatA
DeleteFileA
WriteFile
CreateFileA
LoadLibraryA
SetEvent
CreateEventA
lstrcpynA
GetLocalTime
OutputDebugStringA
GetCurrentProcessId
GetCurrentThreadId
LocalFree
GetLastError
EnumResourceNamesA
CreateDirectoryA
LockResource
LoadResource
SizeofResource
FindResourceA
SetFileAttributesA
lstrcmpiA
RemoveDirectoryA
SetCurrentDirectoryA
GetSystemTime
GetUserDefaultLangID
FindClose
FindNextFileA
FindFirstFileA
WideCharToMultiByte
GetStartupInfoA
ExitProcess
GetCommandLineA
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
GetSystemDirectoryA
GetCurrentDirectoryA
GetFileAttributesA
GetDriveTypeA
ReadFile
GetFileSize
MoveFileA
GetShortPathNameA
GetWindowsDirectoryA
lstrcpyA
LoadLibraryExA
GetProcAddress
FreeLibrary
lstrlenW
lstrcmpA
lstrlenA
SetLastError
MultiByteToWideChar

user32

RegisterClassExA
CreateWindowExA
GetClassNameA
SendMessageA
EnumWindows
wvsprintfA
MessageBoxA
wsprintfA
CharNextA
GetWindowLongA
SetWindowLongA
UnregisterClassA
DefWindowProcA

advapi32

RegFlushKey
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
LookupAccountNameA

ole32

CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromString

oleaut32

SysFreeString
VariantClear
VariantInit
SysAllocStringLen

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11.7MB - Virtual size: 11.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b755ec2f7365f3897ed4c4462cf700a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 36KB - Virtual size: 34KB

.rsrc Size: 11.7MB - Virtual size: 11.7MB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 36KB - Virtual size: 34KB

.rsrc
Size: 11.7MB - Virtual size: 11.7MB