0b5440900bee3f44200f5785d850ade2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b5440900bee3f44200f5785d850ade2
Size

154KB
MD5

0b5440900bee3f44200f5785d850ade2
SHA1

52c9d287bf08f85934de6f9b8d6c0348135efc22
SHA256

dbf2ecee836e8e0a4e4d538361f51834d5690a7fa66503df62aca38af1072a06
SHA512

eed289cf81724796baf4f47f2158bacf24552d9ec258447c668acb0b6a6460b38e90ad51b82f914646ecec07588768483a09628568cceabdd010f71989e5ac68
SSDEEP

3072:Uh/3ckQ9VTx3CEsVL/9vm9jvVIj4y7q+dtlA2Q9DfjBWJJ2P5ps:Ulsn9LyBu9jv+j4KtlA2Q9Df9Vu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b5440900bee3f44200f5785d850ade2

Files

0b5440900bee3f44200f5785d850ade2
.exe windows:4 windows x86 arch:x86

29662b6c2d9f37755a0a84f42ed820d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetCapture
ReleaseCapture
InvalidateRgn
ValidateRgn
GetCapture
IsWindow
DestroyWindow
FlashWindow
ValidateRect
RealGetWindowClassA
UpdateWindow
IsWindowEnabled
ExcludeUpdateRgn
EnableWindow
GetUpdateRgn

kernel32

FreeLibrary
FileTimeToLocalFileTime
ConvertFiberToThread
FindClose
GetLocalTime
GetShortPathNameW
GetSystemDirectoryW
FindFirstFileW
FileTimeToSystemTime
LocalFileTimeToFileTime
SetThreadIdealProcessor
LocalAlloc
SetEnvironmentVariableW
LCMapStringW
IsBadReadPtr
EnumResourceNamesW
FindResourceW
GetCurrentProcess
SystemTimeToFileTime
GetStringTypeW
CompareStringA
RegisterWaitForSingleObject
LocalFree
SetCurrentDirectoryW
FindNextFileW
LoadResource
GetOEMCP
SetErrorMode
SearchPathW

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ