0cd05e456d8835d0659bfc7945bed6c1 | Triage

Sharing

General

Target

0cd05e456d8835d0659bfc7945bed6c1
Size

28KB
MD5

0cd05e456d8835d0659bfc7945bed6c1
SHA1

e2284183755f9a376d37b469d65b43309669c88f
SHA256

b3e57cead46dede138ccd58884bf7e972c3e7851b89c406a7945821259618f14
SHA512

90b71f3af12786f5f1c9e2eedb0a18b3d3104b9a7061c46f06eef16e7aa7a5f995a00b1971bf6325144e08f322d7f6176060f9d95b673a69447d0111b8cc1758
SSDEEP

192:6olI/sNrtF/jvQecBA16nPJqjDxYq2dY0JVRoVDxZ8iIwd:6FsNrtJjvbcS16nPbM2AVZ8iIw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cd05e456d8835d0659bfc7945bed6c1

Files

0cd05e456d8835d0659bfc7945bed6c1
.dll windows:4 windows x86 arch:x86

271530a0ef63144193795d09b5ac2c05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
CloseHandle
GetExitCodeThread
WaitForSingleObject
CreateThread
GetProcAddress
LoadLibraryA

Exports

Exports

CBTProc
OPThread
SGThread

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ