0ccdee30b589446d037ab5440b7e6400 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ccdee30b589446d037ab5440b7e6400
Size

450KB
MD5

0ccdee30b589446d037ab5440b7e6400
SHA1

7fe6f669655474168a3bace26331dc37831f029f
SHA256

42ce71ea09280e0380a3b58c98573770bdb596218fe99ebbe526398550cc0a80
SHA512

4b1e339f2eb875ff550775b13d57bdc52f608026818d4904e87d96950ae4152f7ae88dee6d1c002aa73fbc309443b9951ee7bde13dd0c483ca54755783e0d31f
SSDEEP

6144:kkjT83H2+8gMblCV+V85HEydO3FZsDySX2YwiIhcP8QmRPmqKPl0mP4VFLed2+DK:1T8GRMApv4h2Ywm8rRuxYdeJvdnO2Yj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ccdee30b589446d037ab5440b7e6400

Files

0ccdee30b589446d037ab5440b7e6400
.exe windows:5 windows x86 arch:x86

a2e3a842ea5745d3eff3ef697d91fb53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GetFileTime
MapViewOfFile
IsBadReadPtr
WaitForMultipleObjects
CloseHandle
lstrlenA
GetCommandLineW
GetFileAttributesA
GetModuleHandleA
GetEnvironmentVariableW
GetCurrentDirectoryW
FindVolumeClose
SetFileAttributesW
FindVolumeClose
GetDriveTypeA
GetCommandLineA
GetFileType
LocalSize
EnterCriticalSection
HeapCreate
ReadFile
HeapFree
ExitThread
FindClose

uxtheme

GetThemeEnumValue
GetThemeTextExtent
CloseThemeData
IsThemeActive
GetThemeColor
SetWindowTheme
GetThemeBool
OpenThemeData
CloseThemeData
GetThemeTextMetrics
DrawThemeBackground
GetWindowTheme
DrawThemeEdge

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE