0a9bf99d2d1c18cee226859c512b6d1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a9bf99d2d1c18cee226859c512b6d1a
Size

391KB
MD5

0a9bf99d2d1c18cee226859c512b6d1a
SHA1

3f0aee0c0799bfe10865452e8dcf0ee7ef3a04e0
SHA256

32a51126f9763a0c32d152493bd1a742418b5cbc3909f0edfd555266874997f0
SHA512

3fba1d778422520f09f932924c093ab72d9df53bacbb7c01c5e3fee9aaf71a655dd588a378cf081b042bb3a5303220d214995e311c82490c91c5863629a7d25e
SSDEEP

12288:z4IRMtHEAJLjpFv6w2K/PkFtlVMHFWg1EOfoMzCc3Sa0n:EIRMtkAJLjpFvN/ytkjEOfoMWN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a9bf99d2d1c18cee226859c512b6d1a

Files

0a9bf99d2d1c18cee226859c512b6d1a
.exe windows:4 windows x86 arch:x86

fbab165c80a06953d7dfa0ea7a310da0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
GetFileTime
GetDriveTypeA
GetPrivateProfileStringA
IsBadStringPtrW
WriteFile
HeapCreate
CreateEventW
GetEnvironmentVariableW
LocalFree
FindClose
ReleaseMutex
GetCurrentProcessId
GlobalFlags
FindAtomA
TlsGetValue
InitializeCriticalSection
LoadLibraryW
GetCurrentThreadId
lstrlenW

user32

SetFocus
EndDialog
DrawStateW
IsWindow
GetSysColor
DispatchMessageA
GetClassInfoA
CallWindowProcW
GetKeyboardType
DrawTextA
GetSysColor
GetClientRect
CreateWindowExA

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

cryptui

LocalEnroll

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ