Static task
static1
Behavioral task
behavioral1
Sample
0f9c67cd91708b8e7878ebd551aadaf4.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0f9c67cd91708b8e7878ebd551aadaf4.exe
Resource
win10v2004-20231215-en
General
Target
0f9c67cd91708b8e7878ebd551aadaf4
Size
177KB
MD5
0f9c67cd91708b8e7878ebd551aadaf4
SHA1
1d0ee8b6f4881e44a906a4dfa0a79463efb4e7bf
SHA256
523a1409017b1c3a50e6e97fd2e83ed73a3d406e612eca52a26ed9d7c61bafbe
SHA512
396f43ba027e962efbd0a2a3ed4a0f59d98e562223115e5b83a32f387238dc386a661b40966e1f34b3a4eab7c9533238ae8f5bc151e3cf72bccfe1404a362730
SSDEEP
3072:2OjjYdyhHcjAIUk/JNczQ15qKo6fXXWhmGs3S2MYEjxeJ:2LyhHQTUgN23hmGeS2LEN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0f9c67cd91708b8e7878ebd551aadaf4
Files
0f9c67cd91708b8e7878ebd551aadaf4.exe windows:4 windows x86 arch:x86
e8fcdc1022afbb6a6c1225f8da39e877
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
advapi32
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
kernel32
VirtualQueryEx
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
EnumResourceNamesA
GetSystemTimeAsFileTime
lstrlenA
CreateProcessA
GetCPInfoExA
RaiseException
InterlockedExchange
ole32
StringFromIID
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 968B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ