03a0b4b94da93f07cbc9b2b041f1ee6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03a0b4b94da93f07cbc9b2b041f1ee6f
Size

635KB
MD5

03a0b4b94da93f07cbc9b2b041f1ee6f
SHA1

f5dcd97c40d0e278c8e2bdf58fbe08250c9ce350
SHA256

25c00c0a86bfbe6af29b387823399aaefcb5150bb10e7185701df76d63d9acc9
SHA512

1483cbc77938eacaa54afa1e7f3d95b7177eb4eba00a7a3c736c158914de4c24b2b5e1e888fcf3d2a0663ce2a23b6afac19f8ae6ecb862037dcac7b8b4bf4f80
SSDEEP

12288:NOvCOEcPj63RuYyEzXRYDunC0Ax5ME2uraXH1mjOdZgKegyX+hi/Q/jAu0UfRHG0:wOSay+BU865aurawzFgY+h1R0Kp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03a0b4b94da93f07cbc9b2b041f1ee6f

Files

03a0b4b94da93f07cbc9b2b041f1ee6f
.exe windows:4 windows x86 arch:x86

af6a496cd8a20084e46df7bb8957f100

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetLocaleInfoA
GetCommandLineA
RemoveDirectoryA
InterlockedExchange
GetLastError
Sleep
GetStdHandle
HeapCreate
FindFirstFileExA
GetSystemDirectoryA
ReleaseMutex
SetErrorMode
ResetEvent
SetEvent
EnterCriticalSection
GlobalFree
VirtualProtect
FindClose
LoadLibraryExA
GetACP

user32

ValidateRgn
wsprintfA
DrawTextA
GetFocus
FrameRect
ReleaseDC
EndPaint
FlashWindowEx
GetParent
IsIconic
ShowWindow
FillRect
GetWindow
GetCursorPos
BeginPaint
GetWindowTextA
GetClassNameA
SetActiveWindow
SetForegroundWindow

dnsapi

DnsStatusString
DnsFree
DnsApiFree
DnsApiAlloc
DnsIsStatusRcode

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ