0c481fffcfbab7aa265522ffe30b78b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c481fffcfbab7aa265522ffe30b78b8
Size

274KB
MD5

0c481fffcfbab7aa265522ffe30b78b8
SHA1

8d0cfd6788786dc9f51df4ac0f36f7899e33a545
SHA256

3a70bf7688322b74845afdcdfebfcc4457c72f5b24935c41d4e0084f67f72f4d
SHA512

f5e5d15e077e604ee4c4dff3cfebce3de0dd83a2df8ec9e04513999c5d9f823e6722e2232786e504e91f717a07f389dd7f1b792daca685b1c8d2733cd950a76c
SSDEEP

6144:mn2jmo7TElCk/QyZszHAxpHeJybNZzQNAk4MSTDxManU1jb2c:Oo7IkYHsHcpHTbPbB/nKP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c481fffcfbab7aa265522ffe30b78b8

Files

0c481fffcfbab7aa265522ffe30b78b8
.exe windows:4 windows x86 arch:x86

2221f9f47846e9bda6a899b599cd5d77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalHandle
GlobalGetAtomNameW
GetCurrentProcessId
lstrlenA
EnumResourceLanguagesW
WriteFile
WideCharToMultiByte
FindFirstFileA
ReadFile
EnumResourceTypesA
SetFilePointer
GetSystemDirectoryW
FindNextFileA
QueryPerformanceCounter
GetModuleHandleA
GetCurrentThreadId
IsDBCSLeadByte
FindClose

newdev

UpdateDriverForPlugAndPlayDevicesA

oleacc

LresultFromObject
CreateStdAccessibleProxyA

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ