0b80d031ff19b9881123bdb06f0be4a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b80d031ff19b9881123bdb06f0be4a0
Size

62KB
MD5

0b80d031ff19b9881123bdb06f0be4a0
SHA1

172dd589d0dc6e3aea3559666edb6026c7ec80bb
SHA256

b914040fc0e3ca8b3da4a231bd0c946a4f96282bf342e5b3ca4fab67a310f04e
SHA512

6f2d6497e6b04ac6531ef7a44e0c053b089208fb5d2cc13fab8df9b7710a51780c97bd523694a781964893b607e3e5d8e35f816afb13cd83d97cb02cc307ad3f
SSDEEP

1536:Cw6AZSAYIxAIJkMK1PUziYv9U5ZqrZd0wutDqh+DZvI9tbyxT:CwhHAIJk3VUKZqdGftusDQtbiT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b80d031ff19b9881123bdb06f0be4a0

Files

0b80d031ff19b9881123bdb06f0be4a0
.exe windows:4 windows x86 arch:x86

6b829fcfd71efdb9d027462c2dcde7ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_ltow
abs
wcsncmp
memmove
_itow
strstr
_wcsnicmp
tolower
__getmainargs
__p__fmode
_wcsicmp
_snwprintf

kernel32

GlobalAlloc
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
VirtualAlloc
GetNumberFormatA
RtlUnwind
GetOEMCP
HeapAlloc
GetTickCount
CompareStringA
QueryPerformanceCounter
HeapSize
FileTimeToSystemTime
PulseEvent
LocalFree
FlushFileBuffers
GetFileTime
FileTimeToLocalFileTime

user32

SetCursor
GetWindowTextA
DestroyIcon
DrawIconEx
DrawFrameControl
GetClientRect
SetDlgItemTextA
RegisterClassA
ReleaseDC
GetWindowThreadProcessId
IsDlgButtonChecked
EnableMenuItem

advapi32

OpenServiceA
QueryServiceConfigA
RegCreateKeyExA
LookupAccountNameA
OpenSCManagerA
GetLengthSid
IsValidSecurityDescriptor
GetTokenInformation

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ