0c60c292c1c036798c670fa096212c62 | Triage

Sharing

General

Target

0c60c292c1c036798c670fa096212c62
Size

141KB
MD5

0c60c292c1c036798c670fa096212c62
SHA1

1fcca758e6b2ba9ee7d496f64edef139ebdb7614
SHA256

14212e48c6d5f10187716d8cd677d2d75dd0ca4feedd24c217ebb8e229de423b
SHA512

b705443a78e666b8aa0b028b275c24f79d451051a8a9f65bbf6ca21cfb562e57be93637bc3b63cd09a7652b3a5d9cf2ba1b4b7a44386b22c0982507513811a24
SSDEEP

3072:HgYyEc2YosNLe6pDuQarRnqsw/oN5g6Zrf9Ba2W5QsRlnV5G9:ApRnLe6BgBnw/oN5xrf9g2W5QMln7G9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c60c292c1c036798c670fa096212c62

Files

0c60c292c1c036798c670fa096212c62
.exe windows:4 windows x86 arch:x86

a38cc63063e98ff6c0f4d6b16f3d5c79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CreateMutexA
ExitProcess
FindAtomA
FindResourceA
GetAtomNameA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
LoadResource
LockResource
OpenMutexA
SetUnhandledExceptionFilter
SizeofResource

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
abort
atexit
free
malloc
memcpy
signal

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 952B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE