0d08b738db681ae729507b7c99534ff3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d08b738db681ae729507b7c99534ff3
Size

48KB
MD5

0d08b738db681ae729507b7c99534ff3
SHA1

bb8bc58083b0b0c03e74b8fe574ff707e640b05e
SHA256

fc857d14f720ea815b103c2c3b074a431b4d2344912775fe430c6e8f51865a4f
SHA512

0c9642cf8fb101e2ae22272375a8d307e1b97a768280615e64df2b9feb8cec924212c89f85680b68fbbfdc9e11da77b794a4d6347d526fc0e51d9fe97097e385
SSDEEP

768:ommUBZ8eenMGxemUS2lJsfu2/H6wM7mj+7LCtKdFVT+zMowe2XGe3rXzPVPpqwip:VZ8hnMGxaJsRHIKK7iKjVTkWbrTVn5v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d08b738db681ae729507b7c99534ff3

Files

0d08b738db681ae729507b7c99534ff3
.exe windows:5 windows x86 arch:x86

263e23c4a63ca4af7f5d93a51c17eabf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegDeleteValueA
CryptReleaseContext
RegQueryValueExA
DuplicateTokenEx
CryptCreateHash
CryptGetHashParam
RegSetValueExA

shlwapi

PathMatchSpecW
PathFileExistsW
PathCombineW
PathFindFileNameW
StrCmpNIA
wvnsprintfW
wnsprintfW
StrStrW
SHDeleteKeyA
PathRemoveFileSpecW
wnsprintfA
wvnsprintfA

Sections

.anwtgt
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.arsz
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tqjwv
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ