0b32417d744856eea75f52ea9ad24910 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b32417d744856eea75f52ea9ad24910
Size

13KB
MD5

0b32417d744856eea75f52ea9ad24910
SHA1

ee65eae54c6b5cab4a9667e556731437cd3a69e5
SHA256

24c30fbb7b632ba5d6dac91537b91878744fc87ea5b591765915b3ab5708f8e7
SHA512

49ff759200cd40b25f798753c77e011b38f94bd7c08972596e43c5d6ab75c7264a6fc6f7cf358907c071360b64e7471a1e92554575451c5d705cc4c6d74ba832
SSDEEP

192:EAbK6EPjSdAFtyyaIxxQXY4L21FzwmyZyKs2T0FC8cce+O:EAbZ2iRy1M6LL/KsPC8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b32417d744856eea75f52ea9ad24910

Files

0b32417d744856eea75f52ea9ad24910
.exe windows:1 windows x86 arch:x86

d45ed21de357f5f4b42820c625556084

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

sendto
accept
ioctlsocket
GetAddressByNameW

gdi32

EnumMetaFile
GetDeviceGammaRamp
GetKerningPairsW
CombineRgn
CreateRectRgn
EnumFontFamiliesExW
CreateDIBitmap
GetObjectW
GetDCOrgEx

shell32

SheSetCurDrive
DuplicateIcon
ShellExecuteExW
DragQueryFileW
FreeIconList
StrStrA
FindExeDlgProc

Sections

.text
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE