Static task
static1
Behavioral task
behavioral1
Sample
0a4138a18cbc6580814f0acc36a8f596.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0a4138a18cbc6580814f0acc36a8f596.exe
Resource
win10v2004-20231215-en
General
Target
0a4138a18cbc6580814f0acc36a8f596
Size
43KB
MD5
0a4138a18cbc6580814f0acc36a8f596
SHA1
07d7d374afab5adc13fff1b06b59edb13f3922d0
SHA256
39e518bdbeda45efb8481b4f4a4bfcebed51587813f8fd3a4c8472237c374ef0
SHA512
06cbcdd71a9c0c930895e7a8b95e58330c3469fd6cc081e3309670d02e743d0950c29326f2680bbc72dbd0282b42e59f79410ac9e211d79231d9bc436d5e371a
SSDEEP
768:RFhBAwauHlbmPywcOzrqH47UnsZOhEqbVcW66dQiVgoctjkzoDd7Vglh53J:P3tauHlbmPKwrqSUs0THVVgogjFyP5Z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0a4138a18cbc6580814f0acc36a8f596
Files
0a4138a18cbc6580814f0acc36a8f596.exe windows:5 windows x86 arch:x86
d72592ad27bf1fba22bb6a010a84fbfd
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateEventW
SetEvent
DisconnectNamedPipe
FlushFileBuffers
GetModuleFileNameA
FindFirstFileW
GetDriveTypeW
HeapFree
SetThreadPriority
CreateMutexW
GlobalLock
MultiByteToWideChar
GetCurrentThread
lstrcpynW
CreateProcessW
CreateFileMappingW
ExpandEnvironmentStringsW
SetFileTime
SetLastError
GetTimeZoneInformation
HeapAlloc
EnterCriticalSection
CopyFileW
FindClose
MoveFileExW
UnmapViewOfFile
GetSystemTimeAsFileTime
lstrlenA
ReleaseMutex
GetModuleHandleA
SetEndOfFile
CloseHandle
user32
SetProcessWindowStation
GetCursorPos
GetMessageW
Sections
.cnyxkv Size: 35KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qrqx Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lufij Size: 4KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ