0b82df7a8ca7686542f383ca4788868b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b82df7a8ca7686542f383ca4788868b
Size

57KB
MD5

0b82df7a8ca7686542f383ca4788868b
SHA1

b1a8c8395055a17189c4fbfccd7d2c54c4ae9e74
SHA256

6f4baa4ce93c4e5fdbf0b7c91f65dedb444cf3772cfa81070bb10263202dddfa
SHA512

f2053726059c2488fb6469b77eb1b9c40b992c7ac5cf58a19355410ea10aa25c1de2e9b1add1336f45244523f088a1302082164b2ec9cd8ebbff3446c84992ca
SSDEEP

768:yZos7YglG2bwI0B//gn5ccfcJExsEuxX3t+CT1M5IEIW7aFxHDt45liIAEvEVFQF:7s7ll9w5uccUJ/EWXTTk8t45l1EVFXW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b82df7a8ca7686542f383ca4788868b

Files

0b82df7a8ca7686542f383ca4788868b
.exe windows:5 windows x86 arch:x86

5837c3d16e12816367dd862edf3eb9e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoA
IsDBCSLeadByte
GetProcAddress
FindCloseChangeNotification
GetModuleFileNameA
GetModuleHandleA
ExitProcess
SetErrorMode
IsBadStringPtrW
AddAtomA

user32

CreateWindowExA
CreateMenu
ShowWindow
DialogBoxParamA
GetWindowThreadProcessId
GetShellWindow
DefWindowProcA

gdi32

CreateCompatibleDC
SelectObject
SelectPalette

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ