0fd298895c43cb69205281eb0fda0e7d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fd298895c43cb69205281eb0fda0e7d
Size

175KB
MD5

0fd298895c43cb69205281eb0fda0e7d
SHA1

995789a01f337998c3e81447a0b0882879962941
SHA256

e808304a0706e4d60ff9d59e49c3718ddc0ad6aebaefd7fc5c178110f8efc710
SHA512

922bd078f09720334b6c4a5d083822d8ee38276576a2d5a52be6890b9110d15e21d06b7e11c5a8cf8ec506cf7ec068a2bcdbbf0389111a56cb367698ea8e0e8a
SSDEEP

3072:yRid9X6DpEqWBfh90Uvd74+MSv6NMEIBeyhe9nhesqIYz:yE9qqR5hr8+HNEIBdhene59z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fd298895c43cb69205281eb0fda0e7d

Files

0fd298895c43cb69205281eb0fda0e7d
.exe windows:4 windows x86 arch:x86

c55d58516ab8b94df1945dd02ca3b318

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

Sections

CODE
Size: 142KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE