0c79cdd6f3c2142b3e1ced947aa05f4b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c79cdd6f3c2142b3e1ced947aa05f4b
Size

18KB
MD5

0c79cdd6f3c2142b3e1ced947aa05f4b
SHA1

694961134a6b4f1d24dfdf1d9d6e7ed78402ae30
SHA256

ecf489832a92b5e3273506b777e8433bf394cb8c820244ed06316feb3e5a2e5c
SHA512

9fcdee0b1e5c7b64cd4ae7328d002c861b8a384c074aba53b2440df422cbd665c122e55b983821f41bd2a447af21e3374a9cdaf736844161d2d41d8bec9aa4cc
SSDEEP

192:9Hle56DFAJJa6L49lesBjTXLeTMbFhnwBKJQPzP3uRohhhhhhhThhhhhhhcRzywI:twsOJa6U9nBHRbFhnwBKJQPzGR1iYq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c79cdd6f3c2142b3e1ced947aa05f4b

Files

0c79cdd6f3c2142b3e1ced947aa05f4b
.exe windows:4 windows x86 arch:x86

70958e18393a4452827638888d00aba9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetTapeStatus
GlobalSize
GetSystemTime
HeapDestroy
GetTimeFormatA
IsDebuggerPresent
PeekConsoleInputA
ResumeThread
GetCurrentProcessId
InterlockedExchange
FreeConsole
GlobalMemoryStatus
GetCommandLineA
WaitForSingleObject
GetOEMCP
GetACP
LoadLibraryA
VirtualProtect
HeapCreate
GetUserDefaultLCID

user32

ShowWindow
GetFocus
DrawTextA
GetWindow
GetParent
CreateIcon
EndPaint
BeginPaint
GetTitleBarInfo
FillRect
GetCursorPos
AnyPopup
GetClassNameA
GetDC
ReleaseDC
DragDetect
SetForegroundWindow
FrameRect
wsprintfA

ntshrui

IsFolderPrivateForUser
SetFolderPermissionsForSharing
IsPathSharedA
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ