0cb59a4c0bd0f8473b1d0c0537450372d1a009e28d68e03dec0d33e775a0a25d

Sharing

Copy URL Twitter E-mail

General

Target

0cb59a4c0bd0f8473b1d0c0537450372d1a009e28d68e03dec0d33e775a0a25d
Size

11.3MB
MD5

627c14458eabbaaa3c06fcbb6695ec49
SHA1

5903b67f0f27fb87e14d129d79eee7eb193f71c3
SHA256

0cb59a4c0bd0f8473b1d0c0537450372d1a009e28d68e03dec0d33e775a0a25d
SHA512

a0a6afb58a97ddebb11bfa76f46969097f36fb0f5c1e693059327f200da729ab94a0a2bea935ce5d0237c978134a1148668b6577528c3fb5f79a6af848c9846d
SSDEEP

196608:wWQL7I+2PU2CszXdSyjnpmYe68OOgen8ul13boYZQQep0QHoaV0Sh:wWQyPPCYS6pmYedcen8UL7ZC0+NV0S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cb59a4c0bd0f8473b1d0c0537450372d1a009e28d68e03dec0d33e775a0a25d

Files

0cb59a4c0bd0f8473b1d0c0537450372d1a009e28d68e03dec0d33e775a0a25d
.exe windows:5 windows x86 arch:x86

c9796ddc5b4e6be055e409f76bff302d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

advapi32

CreateProcessAsUserA

iphlpapi

GetExtendedTcpTable

msvcrt

_CIfmod

ole32

CoUninitialize

oleaut32

SafeArrayCreate

psapi

GetModuleBaseNameA

shell32

ShellExecuteExA

user32

PeekMessageA

winmm

PlaySoundA

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 646KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.,|<
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.=k2
Size: - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.2+h
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8vb
Size: 11.1MB - Virtual size: 11.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9796ddc5b4e6be055e409f76bff302d

Headers

File Characteristics

Imports

kernel32

advapi32

iphlpapi

msvcrt

ole32

oleaut32

psapi

shell32

user32

winmm

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 4KB

.data Size: - Virtual size: 646KB

.,|< Size: - Virtual size: 240KB

.=k2 Size: - Virtual size: 6.2MB

.2+h Size: 1KB - Virtual size: 1KB

.8vb Size: 11.1MB - Virtual size: 11.1MB

.rsrc Size: 239KB - Virtual size: 238KB

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 4KB

.data
Size: - Virtual size: 646KB

.,|<
Size: - Virtual size: 240KB

.=k2
Size: - Virtual size: 6.2MB

.2+h
Size: 1KB - Virtual size: 1KB

.8vb
Size: 11.1MB - Virtual size: 11.1MB

.rsrc
Size: 239KB - Virtual size: 238KB