0d5bf1edbeb0b92d7286dd3023ce99b6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d5bf1edbeb0b92d7286dd3023ce99b6
Size

183KB
MD5

0d5bf1edbeb0b92d7286dd3023ce99b6
SHA1

18d0d555495d5b626e1966ec5f71677082f9bd74
SHA256

e40f7e3e54ad9d538f8db77f6fb3e1d97f1e1dd159bf8635e3cb3ed5a87a69e1
SHA512

95085aad76eec9a0c81bc3b9f958f62293985d2e67be2c77f5b2b81910abea72d34bab2c0bd4f7f4240f2dc72945b132ebc5aba93a9d8c992dc631d0298e7862
SSDEEP

3072:nCJPK7G/xcAZvngjXk7nn0rbSNBnKpyJyRSug0vm5CBNV7FyBAMq8dcBEzjxF:nCJPj5cyngQ7nnzDHybPvEgVAHqicyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d5bf1edbeb0b92d7286dd3023ce99b6

Files

0d5bf1edbeb0b92d7286dd3023ce99b6
.exe windows:4 windows x86 arch:x86

8f28ed235234d78c56069948a500994f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrFixedArrayFree
UuidCreate

shell32

Shell_NotifyIconA

shlwapi

PathFileExistsW

kernel32

FlushInstructionCache
FindFirstFileA
FindResourceExA
MapViewOfFile
EnumResourceNamesW
OpenWaitableTimerW
UnmapViewOfFile
DuplicateHandle
GetModuleFileNameW
FindClose

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ