0f833d87ac238f440078237cee14ba37 | Triage

Sharing

General

Target

0f833d87ac238f440078237cee14ba37
Size

314KB
MD5

0f833d87ac238f440078237cee14ba37
SHA1

4c1a95efda2b5c7f2c0ad0d5f024317096110536
SHA256

e68ef0887314755923ef3d0a097420afe96df0f834ab311f6d3c50aa78c42a32
SHA512

1c2837f1feb38a2cad14d8390269998407c904cf06bf409690930e064d087d49ef5b76c55dd0e4eb40ef76c72e69636f47285d7387e0989b66b56b571490a5a3
SSDEEP

6144:e455h1Ac5RGffk9NCEqNcrWJYmzGPfsf0b2JcjXufn2fdDykh:l5ocWff0riYmCPXLK2F/h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f833d87ac238f440078237cee14ba37

Files

0f833d87ac238f440078237cee14ba37
.exe windows:4 windows x86 arch:x86

68abcbe0a7b6c8510cde6eff85e8d7e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
GlobalCompact
RaiseException
CloseHandle
GlobalAddAtomA
DeleteAtom
GetStdHandle
GlobalLock
VirtualAlloc
GetCommState
LocalSize
LoadLibraryExA
GetOEMCP
GlobalFindAtomA
ExitThread
GlobalFree
EnterCriticalSection
ClearCommBreak
GetProcessHeap
LoadResource
lstrcpyn

user32

GetForegroundWindow
IsIconic
ValidateRect
GetActiveWindow
CloseWindow
GetWindow
GetClassNameA
GetWindowTextA
BeginPaint
GetDC
DrawEdge
GetClassInfoExA
EndPaint
ShowWindow
AlignRects
ReleaseDC
GetWindowTextLengthA
GetParent
GetFocus

wsock32

WSASetBlockingHook
WSAGetLastError
WSACleanup
WSAAsyncGetServByPort
WSAStartup

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ