0b449b077986f911b074000fc529543f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b449b077986f911b074000fc529543f
Size

168KB
MD5

0b449b077986f911b074000fc529543f
SHA1

68b99ef216daa010f353196db035b1f1615b5960
SHA256

dda3b79b87ec14ff158604588fded566da411ea2103f7aed87fbdc641a8aaf18
SHA512

aa96a897e0cc6c5ac301c584c9469671956302e3ad94a164e35f640b900eee1b8be035e1c983ca338b32d9e96932ac572af5d4a31c2128d16d84c3cc45ea77b5
SSDEEP

3072:K4jNg31FONjxDYYaSyN2GZAbnB48YXwJF+Bft+s7AmU+4lK7:I1FON9DYYaSyoGZKK8YXbwGAmU+4lK7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b449b077986f911b074000fc529543f

Files

0b449b077986f911b074000fc529543f
.exe windows:4 windows x86 arch:x86

281393c483ef3bfb4ab92b32b1d88a7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetProfileIntA
LoadLibraryExA
lstrlenA
SuspendThread
GetTickCount
HeapReAlloc
GetStdHandle
GetCommandLineA
CloseHandle
GetModuleHandleA
GetSystemDefaultLangID
GetConsoleCP
GlobalUnlock
CompareFileTime
WaitForMultipleObjects
AddAtomA
WaitForSingleObject
GetVersion
VirtualProtect
HeapCreate

user32

ModifyMenuA
GetKeyState
SetWindowPos
GetKeyboardLayout
CreateCaret
CreateCursor
GetDlgItem
GetMenuStringA
DispatchMessageA
UpdateWindow
TranslateMessage
DestroyMenu
EnableScrollBar
PostMessageA
MessageBoxA
CopyRect
InsertMenuA
DialogBoxParamA
ShowWindow
PaintDesktop
FindWindowA
GetWindowTextA
EqualRect
SubtractRect
SetPropA

atl

AtlAdvise
AtlModuleInit
AtlUnadvise
AtlGetVersion
AtlSetErrorInfo

dnsapi

DnsStatusString

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ