Static task
static1
Behavioral task
behavioral1
Sample
c0b8ca68ccc3e4fd80430d1ae8d576b85e43e858fd834895e67a29527350efd3.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
c0b8ca68ccc3e4fd80430d1ae8d576b85e43e858fd834895e67a29527350efd3.exe
Resource
win10v2004-20230915-en
General
-
Target
c0b8ca68ccc3e4fd80430d1ae8d576b85e43e858fd834895e67a29527350efd3
-
Size
932KB
-
MD5
a781a2d1c410c0af364a97ce7848202a
-
SHA1
d6603187a196f990069a0352ea6539268f289599
-
SHA256
c0b8ca68ccc3e4fd80430d1ae8d576b85e43e858fd834895e67a29527350efd3
-
SHA512
53d17234aaf90556990a968e6fde314257def06c8733eab639fe9961d97c54012e2fae690783699b2e614bfbe72d74bec8d0d9896943f6158b2eb250c22bc5e0
-
SSDEEP
24576:fJAjqzwQfQJ+28UaKaUwgl43GroiAsA82K/O+MhBUK9VWCooO:hAjq888za9a4SoTK/Oh4iVS
Malware Config
Signatures
-
Unsigned PE 1 IoCs
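Flags PE files that carry no Authenticode signature, meaning the publisher and file integrity cannot be verified from the binary itself. Many legitimate executables are also unsigned, so this is a weak indicator on its own and should be weighed with the other static and behavioral findings.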
resource c0b8ca68ccc3e4fd80430d1ae8d576b85e43e858fd834895e67a29527350efd3
Files
-
c0b8ca68ccc3e4fd80430d1ae8d576b85e43e858fd834895e67a29527350efd3.exe windows:4 windows x86
3a8897c84eb41f36b4bbabcc617408b8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
msvcrt
strncpy
iphlpapi
GetInterfaceInfo
psapi
GetMappedFileNameW
user32
GetWindow
advapi32
RegDeleteKeyA
shell32
SHGetFolderPathW
Sections
.text Size: 128KB - Virtual size: 388KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 784KB - Virtual size: 784KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ