0a48b900564495566ee3058e9016313e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a48b900564495566ee3058e9016313e
Size

509KB
MD5

0a48b900564495566ee3058e9016313e
SHA1

c847b22f22d405def6b7ad027c6e13e1f82ac25a
SHA256

c02fbb55de39a3b8cd6f76fd67ce67186b66ef69683b3919717bc93d1f203922
SHA512

6863b4de6744c109b5d4edce6dceb227639471dfc219cfd3c4bae1597160cee83f6fadb1d8cfa74c95bad7daec82d78ba06c25294a07e1cc7b370a33f19d864f
SSDEEP

12288:EYXMb9ZdXpBK343+5bi9JHgksh44XthE4epqBfq7Ug:9XaZ9Ko3c2AFi4XthoVUg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a48b900564495566ee3058e9016313e

Files

0a48b900564495566ee3058e9016313e
.exe windows:5 windows x86 arch:x86

d4d34c19b42ce73448398bcd1a5bedf3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection

shlwapi

PathCombineW
PathFileExistsW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrStrW
wvnsprintfA
wvnsprintfW

user32

CloseWindowStation
DrawIcon
ExitWindowsEx
GetCursorPos
GetDlgItem
GetDlgItemTextA
GetKeyState
LoadCursorA
OpenDesktopA
ToUnicode

Sections

.enyx
Size: 40KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.spsnal
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmh
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ