Malicious_0b05f88df0fe1b052a79652c5ea4c12eb03454ecacefce1b0c8cefae0f9a538b[.]exe | Triage

Sharing

General

Target

Malicious_0b05f88df0fe1b052a79652c5ea4c12eb03454ecacefce1b0c8cefae0f9a538b.exe
Size

4KB
MD5

e2f86a5108d82182213299ba3f5965bb
SHA1

67ea91ca639efc1748c79cfbaec8500724bbd203
SHA256

9767d97779ae43bad6c313025b087fd8f23b1b8a40b91ff0acd1d9c2019ce579
SHA512

2f57220475286fee2f51a7ded27f3ed9ad7dcd473dde37bf387289897328883867a1355b71cbeba98767c636205bd1ff7705e9ca5a8014c54112978737caf561
SSDEEP

48:vpgLClZ7snpfV1cLfvf/EtWPblbjOsV2OLuZKQi3uYmRhHSQ:BVJQt1cbvfJpvV2wuZdi3uVRhHSQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Malicious_0b05f88df0fe1b052a79652c5ea4c12eb03454ecacefce1b0c8cefae0f9a538b.exe

Files

Malicious_0b05f88df0fe1b052a79652c5ea4c12eb03454ecacefce1b0c8cefae0f9a538b.exe
.dll windows x86

c3a15a1718e72493b378fabaf339126a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHEmptyRecycleBinW
SHGetSpecialFolderPathW

user32

EnumDesktopsA
EnumDisplaySettingsExA
GetClipboardFormatNameW
GetUserObjectInformationA
RegisterWindowMessageW
ShowScrollBar

shlwapi

PathMakeSystemFolderA
SHOpenRegStreamW
SHRegCreateUSKeyW
StrRChrA

rpcrt4

NdrByteCountPointerBufferSize
NdrClientCall
NdrConformantArrayFree
RpcBindingSetOption
RpcMgmtInqIfIds

msi

ord16
ord107
ord121
ord130
ord147
ord157

winmm

midiInOpen
mixerClose
mixerGetNumDevs
mod32Message

ws2_32

getpeername
ntohs
recv

oleaut32

OleLoadPictureFileEx
SafeArrayGetElement
VarDecCmpR8
VarFormat
VarI4FromStr

kernel32

CreateFileW
DebugBreak
GetFileSize
GetTempPathW
IsDebuggerPresent
ReadFile
VirtualAlloc
lstrcatW

Exports

Exports

YUcoedrockdk

Sections

.text
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ