0fcdcdb12aa5e6fe45510b99631c6382 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fcdcdb12aa5e6fe45510b99631c6382
Size

7KB
MD5

0fcdcdb12aa5e6fe45510b99631c6382
SHA1

450119d08b415e2bf8738a54a169302500203d90
SHA256

bdd5c18e72958a4c14255f48b2b809dd156e9e0add0b2792ea2a5d55fe45d8f1
SHA512

a4d00952c6d1bf7c72211885a71233ec549155c84b10e5879752447ef365b42e26630b366d94d4faeb02fa2f312786e2648a53b5ff5e4d61569f8a7838a7dd0a
SSDEEP

96:K2vnWfmCnSY554EDiw9hTO0mBnILDmQbH2K/TnlJ3q6:K4nSmh06p0mBnIDW0TnlJ3q6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fcdcdb12aa5e6fe45510b99631c6382

Files

0fcdcdb12aa5e6fe45510b99631c6382
.exe windows:5 windows x86 arch:x86

c208b1f8be9e135704d2344d93493058

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrIA

kernel32

GetStartupInfoA
RtlUnwind
GetVersion
CloseHandle
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetProcAddress
GetModuleHandleA
GetLastError
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
ExitProcess
IsDebuggerPresent
GetCommandLineA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

wvsprintfA
MessageBoxA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE