0be1d1820a401afcb54f6962e8a258cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0be1d1820a401afcb54f6962e8a258cf
Size

24KB
MD5

0be1d1820a401afcb54f6962e8a258cf
SHA1

67996641c03c3b8858e991006419daa74e45f807
SHA256

423dae0a9f1e8e77ddf83838944c497ea8246c2a3f7d1d3389b1b82a7c1239dc
SHA512

9509ce8383b9987977940260fdf66bd310df6bab13471275ebd48a2f2607733d3acf5bad75192c7f34598d8256072040abe72c1f3d49222d2a3925e9be8a365a
SSDEEP

768:RpRxwhr2fQs4E/KEb+dPKSrWLsKhWPXrW:ZxwhSnx+dPKSrWLsKhWPbW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0be1d1820a401afcb54f6962e8a258cf

Files

0be1d1820a401afcb54f6962e8a258cf
.exe windows:4 windows x86 arch:x86

1eb21e4546333a2b7b1cba6229197d1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSetSettings
SHRestricted
SheChangeDirExA
SheGetDirExW
FreeIconList
StrRStrW

user32

CharLowerBuffW
CreateMenu
DdeAddData

kernel32

CopyFileExW
DebugBreak
CallNamedPipeW
AllocConsole
DeviceIoControl
EnumDateFormatsW

gdi32

SetICMMode
ResetDCW
SetWindowOrgEx
RoundRect
Rectangle
StrokePath

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE