OA[.]exe | Triage

Sharing

General

Target

OA.exe
Size

202KB
MD5

772d43e5e0a6d498f5135bfd5930637d
SHA1

a29f96c449a5e2a921fa297c5300f7bc00649312
SHA256

35d867bfc9f65321059c1207faf4f081739c1022aa3363555805c44350ac19e5
SHA512

6c33eed04a37fe6c979f9013c2bb4ed2567686b904966aa43c0ab7fcdac4b8be155131ee0fa2f0be46411f0f923ee4d41bc75c089ab5a9dccbd584f294db4de0
SSDEEP

3072:9qgp8+K0FG6nYvyG6nYIBwcMMLTR5Tr1jYgLDiE6678Nj69bsjIGa:I81nLGSsc5LTnPNYgLDIjq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
OA.exe

Files

OA.exe
.exe windows x64

b4c6fff030479aa3b12625be67bf4914

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualAlloc
ExitProcess

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ocic
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE