0cb8a3025b3652f6bf1b142777bde686 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cb8a3025b3652f6bf1b142777bde686
Size

1.9MB
MD5

0cb8a3025b3652f6bf1b142777bde686
SHA1

4ebc6eba7b437e1a8bbffff8c9f15632be5445ad
SHA256

03b1e9e63b343fd7cd65ed2042b90862b3dd9311ff306cc7f758f7829bc0c733
SHA512

a92d279f828e1c6f1a8b430fc4d22f34d0c7ab0757adb54fb0aa3728e17c8f6eb51029458885f6a7cd28af432af56254ffd0c70d6dbb2fd9d277a1a49dd455f4
SSDEEP

24576:fS10pl4tY8iwCwKtRuyZCKTVX7/BmjvMa/SuS7Nkn:Kiplt8atRuykKTXmjvRquoE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cb8a3025b3652f6bf1b142777bde686

Files

0cb8a3025b3652f6bf1b142777bde686
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xqilhqrf
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

canuytym
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE