0b3c8cdf3480b4e623e1952d31514d90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b3c8cdf3480b4e623e1952d31514d90
Size

2.3MB
MD5

0b3c8cdf3480b4e623e1952d31514d90
SHA1

6de865346b90b16d9a85c4f35d869bfa05c79b52
SHA256

0c94b69520a732425f6d27330acc1d5ef41f0bca03426181b0fea821abf0b2c7
SHA512

6890fff50680bf2bc2571af134bd9522b5964a2a06a9c97ac10ee3da2aa38ec4def917ae1c41f53c8c0a77ff33eca9b4ac5850479e395bb929ec53c8653fe2c4
SSDEEP

3072:er7/bDCwYqINL9rQ1/UnLoJRc/ehNT8X3l1Hjr:6CfhdQ1/GcJRi0eX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b3c8cdf3480b4e623e1952d31514d90

Files

0b3c8cdf3480b4e623e1952d31514d90
.dll windows:4 windows x86 arch:x86

846d3823aad9dbc1f58cfb8281efd4fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatW
CloseHandle
SetTimerQueueTimer
SetLocaleInfoA
SetEndOfFile
ReleaseSemaphore
LocalAlloc
EnumUILanguagesW

ntdll

RtlGetSetBootStatusData

user32

ReleaseDC

advapi32

ReadEventLogW

gdi32

PtInRegion
Pie
PathToRegion
GetTextColor
GetTextAlign
PtVisible
GdiSetBatchLimit
ExtFloodFill
EnumFontsA
CreateScalableFontResourceW
ArcTo
GetDeviceCaps
RoundRect
SetArcDirection
SetBkColor
SetBitmapBits
RealizePalette

shell32

ShellExecuteA

quartz

AmpFactorToDB

Exports

Exports

Nyaez7MkSEFyH53e

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ