0ca065207d437ad2af402a4e8bc489e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ca065207d437ad2af402a4e8bc489e9
Size

212KB
MD5

0ca065207d437ad2af402a4e8bc489e9
SHA1

2a3617d0d4722735a3ded2f8f6ff24acb5f7327d
SHA256

47d0eb73f53eebafa6bf844f2738e0011f52bbd54ded51c6e3251b004516db5f
SHA512

98230cd5948136c425df2a6750709cf9c9e61618908ff7593246d7063781bd51a15d5b49e62e378b4a524f0c77cf9452a58ff2b3bb6c1c0a0f711c66727d2da2
SSDEEP

3072:YOKw9ixvSLigDPjCr+MhqMQoZGSQOCZVMvWOEP:t99QaL5Dmr+FMQOHCZVs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ca065207d437ad2af402a4e8bc489e9

Files

0ca065207d437ad2af402a4e8bc489e9
.exe windows:4 windows x86 arch:x86

d38a2a38c8d80d1f6a10bb8b466a6cd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
GetSystemDefaultUILanguage
lstrcatA
EnumSystemLanguageGroupsA
DeleteTimerQueueTimer
GetConsoleAliasesLengthA
ChangeTimerQueueTimer
GetTickCount
SetWaitableTimer
GetEnvironmentVariableA
WriteProfileSectionA
SetFileTime
VirtualUnlock
GetProcessWorkingSetSize
GetDriveTypeA
lstrcpynA
LockFile
CreateMutexA
FindFirstVolumeMountPointA
VirtualAllocEx
TerminateProcess
WriteFile
GetConsoleAliasExesLengthA
GetCurrentProcess
IsDebuggerPresent
LocalShrink
SetVolumeMountPointA
LCMapStringA
FlushFileBuffers
GetTempPathA
GlobalGetAtomNameA
GetConsoleFontInfo
GetVolumeNameForVolumeMountPointA
WinExec

wininet

InternetUnlockRequestFile
InternetGetConnectedStateExA
DetectAutoProxyUrl
InternetCrackUrlA
InternetQueryDataAvailable
ResumeSuspendedDownload
FtpSetCurrentDirectoryW

Exports

Exports

Pprqoatu
Kpxhcmdsvxs

Sections

.rtext
Size: - Virtual size: 548B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 200KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ