0bd46da0a4eb05a0cf4e46aa815e672f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bd46da0a4eb05a0cf4e46aa815e672f
Size

2.2MB
MD5

0bd46da0a4eb05a0cf4e46aa815e672f
SHA1

a82e17d8167742a12ffec4f4051d8f15175662b2
SHA256

d5d321e7316cca06b1bccf0175faa5ac1a689d423eedbb70304caa4fa1c03a50
SHA512

70bda4cafb662e8e46e64ecbf2931b53b075b49ac263682a5192ccfdf535605faa934d0f65e0574260db48d0097a153f48546231aa4569de42db57fbad49b353
SSDEEP

49152:6hbCciOqPkpUjFm3PIjRXrujP7eTcO2USKPGqvslB+ubs/WahxkX:6IdUG2IjVmO+KXsdxahaX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bd46da0a4eb05a0cf4e46aa815e672f

Files

0bd46da0a4eb05a0cf4e46aa815e672f
.exe windows:4 windows x86 arch:x86

263f2c74198635066e799ddd460d8fcf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
ExitProcess
lstrcatA
lstrcpyA
RemoveDirectoryA
DeleteFileA
FreeLibrary
CloseHandle
GetProcAddress
LoadLibraryA
WriteFile
CreateFileA
CreateDirectoryA
lstrcmpA
GetFileAttributesA
GetTempPathA
GetModuleHandleA
GetFileSize
GetLastError
CreateMutexA
GetModuleFileNameA
VirtualAlloc
VirtualFree

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.gentee
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ