Static task: static1
Behavioral task: behavioral1
Sample: 0b8c87d82dbe70f1f9ed45b05328a137.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0b8c87d82dbe70f1f9ed45b05328a137.exe
Resource: win10v2004-20231215-en
General
Target: 0b8c87d82dbe70f1f9ed45b05328a137
Size: 60KB
MD5: 0b8c87d82dbe70f1f9ed45b05328a137
SHA1: 4e7ed7de8daa67332ef5b2b84149b35c9d64d959
SHA256: 9f4269cfe4d9a9843feee14ad82e5ad752bb01954f0e84018cbdc320e394cbe5
SHA512: a1b449b1d7f4ecd24cb2c9999df57eb355731a350da1792983179325def7ebafdc119a9cd777ef4bcbd0b780fb5fb20bbdb61c5835fb9fb4e46c7ddbc22f9101
SSDEEP: 768:+0DoBnNptTGnZEsTJObvWFE8sObrDqZN6wzTzdeEwy6rCSlGZ0o6H56gAv0:fE1jWYbzVObr5wx/wr1GuZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0b8c87d82dbe70f1f9ed45b05328a137
Files
0b8c87d82dbe70f1f9ed45b05328a137.exe windows:4 windows x86 arch:x86
ab527b5dab0ecf0bb68bb7203e108f64
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateWaitableTimerA
ExitProcess
FindFirstFileExW
FindFirstFileW
FindNextChangeNotification
FindResourceExW
FormatMessageW
GetDevicePowerState
Heap32Next
Module32First
OpenFile
ReleaseSemaphore
SystemTimeToFileTime
TlsGetValue
WaitForDebugEvent
advapi32
AbortSystemShutdownA
CancelOverlappedAccess
ConvertSecurityDescriptorToAccessNamedW
CryptDestroyHash
CryptDuplicateKey
CryptGenRandom
EnumDependentServicesW
GetMultipleTrusteeW
IsValidAcl
OpenServiceW
RegDeleteKeyA
RegReplaceKeyA
user32
CreateDesktopA
DdeInitializeA
EnumDisplaySettingsExA
GetIconInfo
IsWindowEnabled
RegisterClassA
SendMessageA
SendMessageTimeoutW
SwitchToThisWindow
Sections
.text Size: 4KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE