0b323530396c73a0d5d791bb2e34fcdd | Triage

Sharing

General

Target

0b323530396c73a0d5d791bb2e34fcdd
Size

89KB
MD5

0b323530396c73a0d5d791bb2e34fcdd
SHA1

2c5753ef71190e81a0ab2e5358fb6da45e144cee
SHA256

7262263033e43cd28b582a8f5cdde204218dbe377b2593e2746e58fb2508f7a4
SHA512

5e41eb43262657c5131eeae46a467bf7ea4ab51a7e375c29d7989dc7e4820b3fef942659b293e57eaa354199943bb0c8d0db77e2582d7c096552f17c804bfb85
SSDEEP

1536:DFOnrduhbOAetTNOinDrZhQcnprVF9TGyjc:DFAdHAeB4idpxF9iyw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b323530396c73a0d5d791bb2e34fcdd

Files

0b323530396c73a0d5d791bb2e34fcdd
.exe windows:4 windows x86 arch:x86

7e0c07aaf0d05e09f170e933f80ef4cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetLastError
CreateThread
GetTickCount
lstrlenA
HeapDestroy
GetModuleHandleA
GetDiskFreeSpaceA
VirtualProtect
ReleaseMutex
AddAtomA
ExitProcess
GetConsoleFontSize
FindVolumeClose
CloseHandle
FindResourceExA
SetEvent
SearchPathA
DeleteCriticalSection
Sleep

user32

GetMessageA
EnableWindow
DialogBoxParamA
DispatchMessageA
GetScrollBarInfo
DragDetect
IsIconic
GetKeyState
CopyIcon
CloseWindow
EndDialog
CreateWindowExA
CreateMenu
CopyImage

wshbth

WSHOpenSocket2
WSHNotify
WSHJoinLeaf
NSPStartup
WSHIoctl

shell32

FreeIconList

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uncbzth
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE