0ca127b556c718d4265cf4966efce80a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ca127b556c718d4265cf4966efce80a
Size

33KB
MD5

0ca127b556c718d4265cf4966efce80a
SHA1

f2f8ca5699f819a164527e37addb7f38c3f53a6e
SHA256

7f36b961bc00655fe102afc9117cc3210288550b7acfbe7ac627529d11db5506
SHA512

12a25baa2c271f799f5ff1c572204920c73bb942d77b526c2a1568c9a548ffeec1db88abfe707b90dc12f8961e60db79e9f66753ec53225f5c72a24324464272
SSDEEP

768:bBDYzKi1P/uURatUJgde2azIY5oCL6VYmC0IlvVB:bmzKi1nuURat8gdNKFSCL6JIl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ca127b556c718d4265cf4966efce80a

Files

0ca127b556c718d4265cf4966efce80a
.exe windows:4 windows x86 arch:x86

37864467a36d50fb91fb94ca0b7c38c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
CopyFileW
CreateThread
DefineDosDeviceW
EnumResourceTypesW
GetCommConfig
GetConsoleWindow
GetDateFormatW

msvcrt

_mbccpy
_mbctombb
_mbsdec
_pctype
_snprintf
_snwprintf

shell32

SHLoadOLE
StrStrIA
DuplicateIcon

Sections

.text
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE