0cbe20af77b1b370b8484deb8df07546 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cbe20af77b1b370b8484deb8df07546
Size

111KB
MD5

0cbe20af77b1b370b8484deb8df07546
SHA1

065342404a07d436d648530b4f81ba8de7c98bb7
SHA256

58c5e5f1a4ee7fae2ec1b6adc2df3124eaa5b1d02399aec5537a09ab0deca59b
SHA512

8984043181d29fffab3f648a3b411a638c93ac3d9746844ac7f28666032e06fec418a06998b08fce8a2abcd1a9184283f5e068bbe8da4b58518e6973629a746d
SSDEEP

1536:1Qz63T3sB6tXQ/h91rTLZl1rfgHRA1ZR7EnFv8bnNOxA/D2U3dfE1hGc:1Qu3T8cSTLx1zwYZ/C8dfUG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cbe20af77b1b370b8484deb8df07546

Files

0cbe20af77b1b370b8484deb8df07546
.exe windows:5 windows x86 arch:x86

36e8df4802658ed39d283dcfa613b7c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
GetModuleHandleW
Sleep
ExitProcess

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE