Static task
static1
Behavioral task
behavioral1
Sample
0dfffc96889016e823d9c6f98d2db0de.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0dfffc96889016e823d9c6f98d2db0de.exe
Resource
win10v2004-20231222-en
General
-
Target
0dfffc96889016e823d9c6f98d2db0de
-
Size
74KB
-
MD5
0dfffc96889016e823d9c6f98d2db0de
-
SHA1
f76815409b491c4226580dd66eade47c3fddef6e
-
SHA256
d3a6cec9584a562d91c00efcf1058c3b57d33dbf76bd7bf03965b879d52b4658
-
SHA512
03e141b440ffe71c24acb2a7c73b681a3cf8839f563a3acb734362978ae05325db34ee2ea6facb293e3ae09f7a21a33e437ca98ea732ca66294d75b45b676368
-
SSDEEP
1536:jaVSEPJ3/Ez3stadLHcwEN25Tf9ukNGZq72XVF7:aQbstadLG2ZfYwkGCX
Malware Config
Signatures
-
Unsigned PE 1 IoCs
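Checks for a missing Authenticode signature. Many legitimate binaries are also unsigned, so this is a weak indicator on its own and should be weighed together with the behavioral task results.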
resource 0dfffc96889016e823d9c6f98d2db0de
Files
-
0dfffc96889016e823d9c6f98d2db0de.exe windows:4 windows x86 arch:x86
17a2446bacd595182f178ac0a4964c7e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
memcpy
sprintf
getenv
memset
_exit
_XcptFilter
exit
_acmdln
__getmainargs
??2@YAPAXI@Z (MSVC-mangled name of `void * __cdecl operator new(unsigned int)`)
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
atoi
_except_handler3
_ftime
strlen
_initterm
srand
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
Sleep
GetStartupInfoA
user32
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
DefWindowProcA
PostQuitMessage
Sections
. Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1010B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
. Size: 773B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
. Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ