Static task: static1
Behavioral task: behavioral1
Sample: 0cf8d29a145c74579ba887d3f683d151.dll
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0cf8d29a145c74579ba887d3f683d151.dll
Resource: win10v2004-20231215-en
General
Target: 0cf8d29a145c74579ba887d3f683d151
Size: 90KB
MD5: 0cf8d29a145c74579ba887d3f683d151
SHA1: 8f1abf4f432f2e7ad8a261622c91b4840294bc8b
SHA256: 22df0cd598f5e67e210ef4c42c1aad812b10964c7094ce5907af6aa45393844b
SHA512: 79d553dc756d0378791f3c27008e0106cc242da58c2682ab47621b37aad2752d98f7b20e23dcd3ed9caf6b13fc2fa7c80c0253de48f5df1ee47ce8e53959f5cc
SSDEEP: 1536:bObhwV3kQHPNArbJbeKcznbeVpJEbba4Mbtbij9dFj7XRrmYuTBrAUSA:bObhwVBHPOpiKqbeVsbulbWzFjjRKJT/
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 0cf8d29a145c74579ba887d3f683d151
Files
0cf8d29a145c74579ba887d3f683d151.dll windows:4 windows x86 arch:x86
5c1bd68e77e1433d4e53a582e286867c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
ShowCursor
MessageBoxA
LoadCursorA
GetWindowTextA
GetFocus
EndMenu
DispatchMessageA
CreatePopupMenu
CreateDialogIndirectParamA
CreateCursor
CopyRect
CharToOemA
BeginPaint
kernel32
GetVersionExA
ReadFile
RaiseException
OpenFileMappingA
LoadResource
GetTimeFormatA
GetSystemTimeAsFileTime
GetSystemTime
GetStartupInfoA
lstrlenA
lstrcmpiA
lstrcatA
UnmapViewOfFile
GetLastError
GetPrivateProfileStringA
Sleep
oleaut32
SafeArrayAccessData
SafeArrayCreate
SafeArrayDestroy
SysReAllocString
SysStringLen
VarBstrCat
VarBstrCmp
ClearCustData
Sections
.text Size: 22KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 63KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ