0bddb4e85459c718160ea668c2c2f541 | Triage

Sharing

General

Target

0bddb4e85459c718160ea668c2c2f541
Size

46KB
MD5

0bddb4e85459c718160ea668c2c2f541
SHA1

6886dbf03c1368117d9b6663d6f97ea71ce0301e
SHA256

e489b69449a9fefa67aee06e12f202831e8d3b4dd0c7dacfff96cc5722481abf
SHA512

23765048e2bc3a0d3f96aa284a73065f03f3dee1346976660c1e281b786536cfd6ba15569741f068c2b07f5196466e5e6ef037bb1aa66fd1ad840bd41e9b52cf
SSDEEP

96:X5U18B1JDRJDN28WkB5uhRnClfit58hLNIU9f6CVEWS:XDI81Ut+hZIUhFu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bddb4e85459c718160ea668c2c2f541

Files

0bddb4e85459c718160ea668c2c2f541
.exe windows:4 windows x86 arch:x86

28fe5c4f27dc7a0c1a6c0f0db21a2a13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

hostwin32

ord91
ord6
ord260
ord267
ord259
ord2
ord83
ord28
ord521
ord43

coredll

ord232
OpenEmulRootKeys
CloseEmulRootKeys
ExitProcess
PostWinMain
PreWinMain
ord1231
ord1177
GetStartupInfoW
ord544
GetCurrentProcess
ord545
ord61
ord495
ord2
ord84
emul_DumpDiagnostics
ord229
ord230
ord1153
ord86
ord2009

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 38KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE