Static task: static1
Behavioral task: behavioral1
Sample: 0bdcd88c50bd1fe801f12d16a5e46413.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0bdcd88c50bd1fe801f12d16a5e46413.exe
Resource: win10v2004-20231215-en
General
Target: 0bdcd88c50bd1fe801f12d16a5e46413
Size: 216KB
MD5: 0bdcd88c50bd1fe801f12d16a5e46413
SHA1: 8d5183f2c866f558a6a26560a904bb7340b3eedf
SHA256: 72e4066fc034eae73aaafa4f8ba4a696faa51513f82cbea9f01d3fe9d5d1b648
SHA512: 0e0aa114a30c7c42e62254fa743f046cbb5832835e304ebda72d30c52373153727ad316ff2053a41e505e04503c1c1324fd83e153cf4550da8b979c9b45a6097
SSDEEP: 6144:DZkWU0rQBZu7yUfCeIganGdPGKWoOkynU:DRNcI7yV7SPNB5gU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0bdcd88c50bd1fe801f12d16a5e46413
Files
0bdcd88c50bd1fe801f12d16a5e46413.exe windows:4 windows x86 arch:x86
8d746d7b9d436a88ded972b24800f5c2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineW
SetFilePointer
TransmitCommChar
SetEnvironmentVariableA
GetSystemWindowsDirectoryA
GetProcessShutdownParameters
DebugBreak
LZClose
ReleaseSemaphore
ProcessIdToSessionId
GetVolumePathNamesForVolumeNameA
VirtualAlloc
Module32Next
HeapSize
CompareStringA
GetDriveTypeA
UnmapViewOfFile
IsValidCodePage
HeapAlloc
HeapFree
GetEnvironmentVariableA
GetCurrentDirectoryA
SetPriorityClass
SearchPathA
GetSystemDirectoryA
SetFileTime
GetConsoleAliasesLengthA
IsBadReadPtr
SetConsoleMaximumWindowSize
SetWaitableTimer
ws2_32
socket
Sections
.itext Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 176KB - Virtual size: 837KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ