0d037a5f2bad848686b4dd299cd1cd80 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d037a5f2bad848686b4dd299cd1cd80
Size

18KB
MD5

0d037a5f2bad848686b4dd299cd1cd80
SHA1

45e32bd7db3ee078dafa0a4af83d0e8e3a585e48
SHA256

cfff9c82c8d149ab1c68a22f9340da99e4a5f059846ed4bfd059c97ddcf0deb2
SHA512

c3ccbcdebe7a1aac9c81cc765c42e241d76f51c79e15e017c0103585f60b1b46d1afa92e3b1f04fbc1656458bafbad5d2115b41a57d77b40bcbb21ccffb31f7e
SSDEEP

192:JUlPfT5n5V2rXjBzI2Wz/WT7UTw6KfyILfylWfqmH7fyfcIUs+T++Gmd:J2Po7ji2W707UTw6AlT+WymHDcZcz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d037a5f2bad848686b4dd299cd1cd80

Files

0d037a5f2bad848686b4dd299cd1cd80
.exe windows:4 windows x86 arch:x86

2ffec5e86ed46592b8fcf94cf3e6e528

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
TlsAlloc
GetSystemDefaultLangID
GetCommandLineA
VirtualAlloc
FreeLibrary
GetCurrentThreadId
GetCurrentProcess
GetDriveTypeW
TlsGetValue
IsDBCSLeadByte
GetLogicalDrives
lstrcatA
TlsSetValue
GetModuleHandleW
TlsFree
Sleep
GetCurrentThread
GetModuleFileNameA
GetCurrentProcessId
lstrcmpA

user32

GetWindowLongA
BeginPaint
GetWindow
ReleaseDC
IsIconic
GetActiveWindow
RegisterClassA
GetWindowTextLengthA
GetForegroundWindow
GetSystemMetrics
UpdateWindow
CreateWindowExA
ShowWindow
GetFocus
GetWindowTextA
GetDC
IsWindowVisible
GetClassLongA
GetWindowDC

gdi32

SelectObject
SetTextColor
SetBkMode
GetObjectA
GetStockObject
DeleteObject

clbcatq

SetSetupOpen
DowngradeAPL
SetSetupSave
ComPlusMigrate

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ