0bffb9a1458f25e8507fc1a83340ccec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bffb9a1458f25e8507fc1a83340ccec
Size

168KB
MD5

0bffb9a1458f25e8507fc1a83340ccec
SHA1

7481ab6ace7f98c7b0c9fb27cc1e48b444a52adb
SHA256

b17ed6e245df2b9e2031899b1d21035d403a775714bba7f8e17bb898e0384cdd
SHA512

20bb582b2478921a4de0cd2d7f47341cb529e42f507cfad2b553b1ab5bb9545d874bf001413833d59ec71b5e17db8d967efbd2420fef37b73922fbffcde2812e
SSDEEP

3072:7jKF0YOAmJ7PawBcnfP1DCJYBsVaGNW6ZNF6v5Ejm89PU+jZm2/:iJOZJraDnn1WJYBsrJO5En9x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bffb9a1458f25e8507fc1a83340ccec

Files

0bffb9a1458f25e8507fc1a83340ccec
.dll windows:4 windows x86 arch:x86

f981bc27848b1eb296bbae15e56c17eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
FreeLibrary
GetProcAddress
CompareStringW
LoadLibraryA
WideCharToMultiByte
DeleteFileA
GetFileAttributesA
GetTempPathA
GetTempPathW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
LockFile
LockFileEx
UnlockFile

oleaut32

SafeArrayDestroyDescriptor
CreateErrorInfo
VarMonthName
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

gdiplus

GdiplusShutdown
GdiplusStartup

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 107KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 310B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ