Static task
static1
Behavioral task
behavioral1
Sample
0010bd0a9b634182476fdb935642348a.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0010bd0a9b634182476fdb935642348a.exe
Resource
win10v2004-20231215-en
General
Target
0010bd0a9b634182476fdb935642348a
Size
43KB
MD5
0010bd0a9b634182476fdb935642348a
SHA1
6e069a19a3a70461c222ec0bce66b4833a90f3af
SHA256
a3080cebc1bab4ea8be638963d3439fac6a5af479a5a29ac32492cf86e4aa108
SHA512
9ec9e28444defb1e6b5893a5c0679fe5b6ddf5433c04275a646d00eb2abd3bd182bb828a6922ae6caffc046a943c9ab7291a7debaf725944bd0d43ee81d254a1
SSDEEP
768:SZEjDK74mYreL0GJ0i+Yh2Yv3LE5d2hQXxqqMV7f5z8DSFyXg8twc3fCs:ZXK74BiLxJHZPLE+QXxGh8yyXV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0010bd0a9b634182476fdb935642348a
Files
0010bd0a9b634182476fdb935642348a.exe windows:5 windows x86 arch:x86
8b657c1e0b2b2e291405c2c3f62aff60
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExpandEnvironmentStringsW
GetModuleFileNameA
UnmapViewOfFile
GetTempPathW
GetSystemTime
WriteFile
lstrcatW
FindClose
GetCurrentThread
MoveFileExW
EnterCriticalSection
CloseHandle
OpenProcess
SetThreadPriority
SetEndOfFile
GetDriveTypeW
CopyFileW
GetModuleHandleA
CreateFileMappingW
lstrcpynW
GetCommandLineA
GetUserDefaultUILanguage
HeapFree
lstrcmpiA
CreateEventW
FlushFileBuffers
SetFileAttributesW
ReleaseMutex
SetLastError
SetFileTime
HeapAlloc
DisconnectNamedPipe
user32
MsgWaitForMultipleObjects
PeekMessageA
OpenDesktopA
Sections
.tgb Size: 35KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tgrwb Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.hct Size: 4KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ