0ece4b8c24bb7c6e92b3ae05c2fa226e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ece4b8c24bb7c6e92b3ae05c2fa226e
Size

492KB
MD5

0ece4b8c24bb7c6e92b3ae05c2fa226e
SHA1

8ce1c7264a39e1a2a86e452dfa75f0a0c91f2eb2
SHA256

7c6f7fdc48dd7c48fa994f10571de353d2591a4def86213a9037ddc22f85d003
SHA512

fd51e643f07c85b3825d5c289a5dfc38bac23a74be31ec1c044dbd6db1c23fcccbc65a8d20c6efbe26c623d0517593a403154bbaa843d613096349b7617d8a8b
SSDEEP

6144:aL6mD2PEkEvAzwdpFmdJazNImb00NUy/CaccI29guJzaMCcUgXr/+:CPvN7Fsyb0M3/Scy64PgXL+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ece4b8c24bb7c6e92b3ae05c2fa226e

Files

0ece4b8c24bb7c6e92b3ae05c2fa226e
.exe windows:4 windows x86 arch:x86

5b7b71e0799929036986dcee95a3ae75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
HeapCreate
GetProcessTimes
GetModuleHandleA
ReadFile
GetFileAttributesA
CreateMailslotA
GetPrivateProfileStringW
SetLastError
GetCurrentThreadId
FindClose
GetCurrentProcessId
LocalFree
ResetEvent
SuspendThread
EnumCalendarInfoW
EnterCriticalSection
GlobalFree
GetDriveTypeW
GetModuleFileNameA

user32

GetKeyboardType
GetClientRect
GetWindowLongA
DispatchMessageA
SetFocus
DispatchMessageA
GetKeyState
GetWindowInfo
GetSysColor
DrawTextW
CallWindowProcW
IsWindow
GetClassInfoA

colbact

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

desk.cpl

DeskSetCurrentScheme

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 482KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ