0fa8142c99d76b887418cabc281d8096 | Triage

Sharing

General

Target

0fa8142c99d76b887418cabc281d8096
Size

716KB
MD5

0fa8142c99d76b887418cabc281d8096
SHA1

72fa31598610bf6ed5f5a34a190eff9149b9582c
SHA256

e5deeec0eb0e1dead1d3ae2472eabc1c80434dd7b0e5840b2b1cac5772d664d4
SHA512

ac5e82dd3a0a67b40124dacd9b3b23fd30d82eb6f6816170b77e8737f68ab856e1808f47ad34cc5b3a45c959439f9de4bf87c8089d2bd47d34cb854f7734c55b
SSDEEP

12288:6TnxS98nLh7p1kpO7U4pPSzI1p5hKijn5TwEVn2wB/p2b8QYDOdqIqmhX:65lGO7UM5hZ9Jxw8BDOdBFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fa8142c99d76b887418cabc281d8096

Files

0fa8142c99d76b887418cabc281d8096
.exe windows:4 windows x86 arch:x86

6e36972ea7d999251128fd9a35eaca7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
lstrlenA
ResetEvent
CloseHandle
GetACP
GetModuleHandleA
WaitForSingleObject
InterlockedExchange
TlsFree
GlobalUnlock
VirtualProtect
SetEvent
HeapReAlloc
HeapWalk
LoadLibraryW
GetVersion
CompareFileTime
GetProfileIntA
GetConsoleCP
GetAtomNameA
FindAtomA

user32

GetScrollRange
PostMessageA
CopyRect
LoadIconA
SetSysColors
InflateRect
GetMenu
GetWindowTextA
GetWindowLongA
EqualRect
EnableScrollBar
SetWindowPos
GetDlgItem
DialogBoxParamA
GetParent
ScrollDC
GetMenuStringA
ShowWindow
SetPropA
InsertMenuA
ModifyMenuA
GetKeyboardLayout
PostQuitMessage
DestroyMenu
MessageBoxA
TranslateMessage
GetSubMenu
DispatchMessageA
UpdateWindow

userenv

GetProfileType
LoadUserProfileA
FreeGPOListA
GetGPOListA
RefreshPolicy

apphelp

ApphelpCheckExe

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ