0e1a6d80b5251bf04af65f5707b39cc7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e1a6d80b5251bf04af65f5707b39cc7
Size

72KB
MD5

0e1a6d80b5251bf04af65f5707b39cc7
SHA1

24f7958f44feda2fd9b18d1e80aea899312f384c
SHA256

81ae5febb92daa415bd60c30ed8b097c1ff73808719b104cec10fd95c3b66484
SHA512

839130c6bfcf907a869cf33fcb30af9176651768f7b24007f191ea0f0c3e226bfc6d24ab23f7cfe9d977bc430a2626f696d95f219ad9c2769705c8caa4dc11ba
SSDEEP

1536:s8LxwO+SJj7x6nYSAqIpTJE4GmskRvoskqqs:s8LxmSJjQEzrT9/ms

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e1a6d80b5251bf04af65f5707b39cc7

Files

0e1a6d80b5251bf04af65f5707b39cc7
.exe windows:4 windows x86 arch:x86

9b36747cc08626e4c717f434a53a804d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
ScrollWindow
GetMenu

kernel32

lstrcpyA
WideCharToMultiByte
lstrlenA
lstrcpynA
LoadLibraryA
ExitProcess
WriteFile
VirtualAllocEx

Exports

Exports

7RE4r6YtjX02u1
_Ev9jLZjdWiqNhI@24
MKa3pUSg@4
_LZREJQ9dXLEkGG
PVb0898

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 421B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ