0b1613ccbf661804c46a325d63d06d75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b1613ccbf661804c46a325d63d06d75
Size

75KB
MD5

0b1613ccbf661804c46a325d63d06d75
SHA1

3388636299a4a2142a2f24983cc55a05b469c32d
SHA256

7fc4b240c0d4bc72036cf1c798e714d8045e996085c97fe8d2202c659947eb12
SHA512

75238e54219e008d3b07ed8d7f52ec3306cfeb22e5bebb8c5e10da204d42a34e4af0c8139af62181fe666d930a8ae9b3bbe6aa1c16f75eae93ce0132a7e2ab12
SSDEEP

1536:qy2WN8DVyn0y30jQ8uBtk+0Qq6qlta26iDyABpo6rHzBJngjBqDyO58+tOwVM1yr:qdLyiy89vyOpvM1yUJk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b1613ccbf661804c46a325d63d06d75

Files

0b1613ccbf661804c46a325d63d06d75
.exe windows:4 windows x86 arch:x86

b661bfd495f6fa98bd2af9e1cfea0e5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
FindAtomW
HeapSize
WaitForSingleObject
SetFileAttributesW
DeleteFileW
IsBadReadPtr
ExitProcess
SetLastError
GetModuleHandleA
SuspendThread
GetStdHandle
VirtualAlloc
DeleteAtom
CreateFileA
SetEndOfFile
GetFileSize
ReadFile
GetCurrentDirectoryA
GetVersion
GetFileAttributesA
SetLastError
EnterCriticalSection
GetEnvironmentVariableA
GetCommandLineA

cryptui

CryptUIDlgFreeCAContext
CryptUIDlgSelectStoreA
DllUnregisterServer
CryptUIWizExport
CryptUIDlgFreeCAContext
CryptUIWizImport
DllRegisterServer
CryptUIWizDigitalSign
CryptUIDlgFreeCAContext
LocalEnroll
LocalEnrollNoDS
CryptUIWizBuildCTL
CryptUIDlgViewContext

winrnr

NSPStartup
NSPStartup
NSPStartup
NSPStartup

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ