0c017c8f570a1dd1be8b7babbff302e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c017c8f570a1dd1be8b7babbff302e7
Size

9KB
MD5

0c017c8f570a1dd1be8b7babbff302e7
SHA1

b8b1dbb2f7642674e0e03fec682093f0648e68bf
SHA256

cb6b0e0ad1463f0e6abf1190703afe90fe916e554085418379fc47e05e6dba09
SHA512

4ae98bd48603fa94d8676e9b7fb94301d381ecf3a78e8610de5878188ea5dd3dec218fd484d12754780d8de8acdd9516fb86fcbb24546761195296e12236be91
SSDEEP

48:OEP/ZE9AFSvlmYJ6ry3T6LotZzm0AVINs5udoBH+myC:nPhE9AFS9mYn3T6kto0AV4q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c017c8f570a1dd1be8b7babbff302e7

Files

0c017c8f570a1dd1be8b7babbff302e7
.exe .vbs windows:1 windows x86 arch:x86 polyglot

9d71359b35f01594d82a1bd2669433ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CopyFileA
CreateFileA
ExitProcess
FindFirstFileA
FindNextFileA
GetCommandLineA
WriteFile
lstrcpyA
CloseHandle

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mjg
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE