0b887f56977e5549744d290a0e19f64f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b887f56977e5549744d290a0e19f64f
Size

132KB
MD5

0b887f56977e5549744d290a0e19f64f
SHA1

eadca78cc7fa0e2d0e22e5f320bc7a5a622bf18d
SHA256

4498221bc6dcc9bda1d460a0f36db566140aa99a7ed80caea72038eda8054bcc
SHA512

26b3508cb65d6943625174b8cfb5ab5d4484d6b25bd16a4110fbd647c8cc124f6eb9997f0c785e1af6fb652883684763307736b3266a0ea2537ca8b66113bdc2
SSDEEP

3072:b6b5GfGE7uBzlh0ue7opMjIQ9BJY0pkqNz:b6b5G7km2MjP973/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b887f56977e5549744d290a0e19f64f

Files

0b887f56977e5549744d290a0e19f64f
.exe windows:4 windows x86 arch:x86

81cac05a6d373a8aaaf1e75196f21296

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetTimerQueueTimer
GlobalFindAtomA
DeleteCriticalSection
GetVersion
lstrcpynA
InterlockedExchange
GetFileType
WritePrivateProfileSectionA
ResetEvent
IsBadCodePtr
DosDateTimeToFileTime
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

icode
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ