0bcb8c1bdb5dd455a38935b6cd692edf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bcb8c1bdb5dd455a38935b6cd692edf
Size

91KB
MD5

0bcb8c1bdb5dd455a38935b6cd692edf
SHA1

eeb56353fabf318063fc4572b380bb8536d74da8
SHA256

bb81d6c1e1ba8d605aa496d7b1bdecb14b2a8e653d39eed6e61e1fe1e5abc1fb
SHA512

2112c7891182aef1d845fb8a30d7d0899928828ea8bec01320581bb7358e07c1d2df1c1fcfbca9553b3504758f6f7d548cb9c030b64056789dbfa2e9959b0d6c
SSDEEP

1536:Ob4RZ1eEzucxf7/l5Im5Gb+hhuSp6YLVfiAWhMoVjoUL9VK8sgWtSHD7NhCF137/:ObgDyurlWkGb+aOFWhMIcUHK/gWQH/NY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bcb8c1bdb5dd455a38935b6cd692edf

Files

0bcb8c1bdb5dd455a38935b6cd692edf
.exe windows:4 windows x86 arch:x86

de6fdcdc7f4ad649a7529bf91b3c3b02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

ws2_32

WSCInstallProvider

Sections

CODE
Size: 85KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE