Static task: static1
Behavioral task: behavioral1
Sample: 0c56a5584ac89a4b5971dc178b978240.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0c56a5584ac89a4b5971dc178b978240.exe
Resource: win10v2004-20231215-en
General
Target: 0c56a5584ac89a4b5971dc178b978240
Size: 41KB
MD5: 0c56a5584ac89a4b5971dc178b978240
SHA1: 05b433471cc72416bfea4f8919b3dc7b7400121c
SHA256: 51e7a80ae7c3b4c9810d19c06ec351459fda3801c361bd7b6196364b111abf91
SHA512: 320237fd49143c8c05d05a5fe82fa3be8b5eb5788a5aa0783e3b87e7656902bbb63adfe91ea5b45108aea5f73deb9350c0bef9fb2a98f438e6fa373f7ca29617
SSDEEP: 768:g8uLn2wQ3nRpY319OXvMntxiLXTZ5xqcS:g1c3n8EXacH4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0c56a5584ac89a4b5971dc178b978240
Files
0c56a5584ac89a4b5971dc178b978240.exe windows:4 windows x86 arch:x86
dac4bf2eff79497aa101736c505cb70f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindAtomA
FindClose
GetDiskFreeSpaceA
TlsGetValue
SetEvent
SearchPathA
GetTickCount
FindResourceExA
CreateThread
Sleep
VirtualProtect
CloseHandle
GetCalendarInfoA
GetModuleHandleA
ReleaseMutex
FindVolumeClose
ExitProcess
DeleteCriticalSection
lstrlenA
GetLastError
user32
EnableWindow
GetMessageA
CopyImage
DispatchMessageA
DragDetect
GetUpdateRect
GetScrollBarInfo
CreateMenu
CreateWindowExA
EndDialog
CloseWindow
DialogBoxParamA
IsIconic
GetKeyState
msdmo
DMOGetName
DMOEnum
DMOUnregister
DMOGetTypes
DMORegister
advapi32
RegCloseKey
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 522B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ