0bb484c2605a1e5c10653fed1c6ee2a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bb484c2605a1e5c10653fed1c6ee2a5
Size

97KB
MD5

0bb484c2605a1e5c10653fed1c6ee2a5
SHA1

83f502e04b2a772e046d27adef63fa58dc826833
SHA256

543c7801af143a88597c421cb586e6d7fea2024ff6aa10cb03e1b2ecc572aff6
SHA512

f922630c37bb6b8bc7dae681fc9ce655c80eb1bde3c707b8d96b04ec1607eaf100aaeb3b9ca17f9c5a04ca364d4c5ef97ab635f7fdc93d1a041947830b686b5e
SSDEEP

1536:vn6Hf+Q32/Tag5TgIUDZf9IEAQNH2c20vZ659KThEzeeLHPQDJo6OHpxIaXi:SHoeg5Tg99IEAQpjmKT+zeAPGJ/OfIa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bb484c2605a1e5c10653fed1c6ee2a5

Files

0bb484c2605a1e5c10653fed1c6ee2a5
.dll windows:5 windows x86 arch:x86

292d62e2f5da7b950d07f6ef0b55a80b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetSaveFileNameA
ReplaceTextW

gdi32

GetTextExtentPointW
ResizePalette
StretchBlt
Rectangle
GetStockObject

shlwapi

StrToIntExA
ChrCmpIW
StrIsIntlEqualA

kernel32

DeleteAtom
WriteFile
SetFilePointer
GetCurrentProcessId
GetThreadContext
HeapReAlloc
GetCurrentThread
GetStringTypeExW
GetCurrentThreadId

user32

RegisterWindowMessageA
SetForegroundWindow
GetClassNameW
CascadeWindows
ChildWindowFromPointEx
GetDCEx
GetMenuState
DrawStateA
IsDialogMessageW
CreateAcceleratorTableW
LoadStringW
GetClassInfoW
SetWindowPos

Exports

Exports

?GetModuleFileNameA1@@YGXPAD0KEH@Z
?GetModuleFileNameA@@YGXPAD0KEH@Z
?GetModuleFileNameW1@@YGXPAD0KEH@Z
?GetModuleFileNameW@@YGXPAD0KEH@Z

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ