0a10b91e443da7cb37766fdf821072b8 | Triage

Sharing

General

Target

0a10b91e443da7cb37766fdf821072b8
Size

43KB
MD5

0a10b91e443da7cb37766fdf821072b8
SHA1

3ed8805f6eb57e6abb677c91f04c44659b717d4c
SHA256

0c7cca0a513cbe478b1d0ea143ee0c7ad115f0efc9caf3f95fa2b9ca0097de8d
SHA512

9e0eb1a2a75ff17b1c003a3dd32467b167c6ffa570fde9c0578d3671ee36a308b326829bab0b44c2c6f27851e47676fed418d473cd2e9e47bcbc1f224ff7d2a6
SSDEEP

768:+Mi1e1y2NchKEWoQiS2qtNnVycVgSEia7KqbabrmkS0KwyuHFwcek8yTrMkyR:jiYShGZpVwj7K0apSRMFrlk/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a10b91e443da7cb37766fdf821072b8

Files

0a10b91e443da7cb37766fdf821072b8
.exe windows:4 windows x86 arch:x86

91e90c81884a0b4459153d788f19eac8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetFileTime
GetSystemTimeAdjustment
GetTimeFormatW
Heap32ListNext
IsBadHugeReadPtr
IsProcessorFeaturePresent
PostQueuedCompletionStatus
WaitForDebugEvent
lstrcmpi

advapi32

AddAce
CryptVerifySignatureA
EqualSid
GetExplicitEntriesFromAclA
GetPrivateObjectSecurity
GetServiceDisplayNameW
GetTrusteeTypeA
GetUserNameW
IsValidSecurityDescriptor
IsValidSid
RegRestoreKeyA
SetEntriesInAclW
SetSecurityDescriptorSacl

user32

ArrangeIconicWindows
CallNextHookEx
ChangeDisplaySettingsExW
DdeCreateStringHandleA
DdePostAdvise
EnumDisplayDevicesA
GetClassLongW
IsCharAlphaNumericA
SetWindowWord
SystemParametersInfoA
UnionRect

gdi32

CreateDIBPatternBrushPt
CreateDiscardableBitmap
CreateScalableFontResourceA
DeviceCapabilitiesExW
EnableEUDC
FillPath
GetTextMetricsW
OffsetViewportOrgEx
PathToRegion
SetROP2
SetViewportOrgEx
StretchBlt

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE