0b044fb869b3b09c21e2f28ad5803ab2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b044fb869b3b09c21e2f28ad5803ab2
Size

35KB
MD5

0b044fb869b3b09c21e2f28ad5803ab2
SHA1

f35a1f970fb1d5dc9fbe9d3919b7c5c251992e16
SHA256

c735062778197207ec94c8ba163ec1e6d2e76b201877d8498d76a4585dfbec58
SHA512

8556ae62adc2c84a5a889210b506bd7ad7f1e185e97018d49342f9d05d8b026f6fa0394cb875aa5987b271430b89a0273d28ac01543eb0f7fb884580d7b1dee2
SSDEEP

384:7yZsyxumvZPOWqU98b3WKB8SHKNBvcRUsgiKUMuYMRef0BLQSJ:4sNre+8SqzhliFBLQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b044fb869b3b09c21e2f28ad5803ab2

Files

0b044fb869b3b09c21e2f28ad5803ab2
.exe windows:4 windows x86 arch:x86

fe9d75ac049f827572bc33c854b1f1d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CloseHandle
Sleep
LoadLibraryA
FreeResource
FlushFileBuffers
SetFilePointer
LockResource
LoadResource
FindResourceA
DeleteFileA
GetWindowsDirectoryA
CreateThread
WinExec
GetModuleHandleA
SizeofResource
WriteFile
GetSystemInfo
GetStartupInfoA
GetModuleFileNameA

advapi32

RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

msvcrt

__p__commode
_adjust_fdiv
??3@YAXPAX@Z
__getmainargs
_acmdln
_initterm
_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__setusermatherr
_exit
exit
sprintf
__CxxFrameHandler

user32

GetWindow
SetCursorPos
PostMessageA
GetWindowTextA
FindWindowA
GetWindowRect

winmm

mixerSetControlDetails
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerClose

Sections

Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE