0e8d051d8741c1046c1a6d71b1384037 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e8d051d8741c1046c1a6d71b1384037
Size

20KB
MD5

0e8d051d8741c1046c1a6d71b1384037
SHA1

b434821de3f7bbff5265558403bf8649d8588dc1
SHA256

8ffe3d46cc316d5129c1594d90519a019f27be4bb0a6bd7c0fa5d020b9999bcf
SHA512

8ae8634f88463ce72818f1687e4657070c6f466f20151a8dd2738f9f74fdbb6659d5522130cdf719bfb758608d4bcceac64973eea6afc24b00201c718b7ac995
SSDEEP

384:FMF64mNpSilKSRuE2Hd53mMEasKX4LnRisb1uLe:mmNpSi/RD298MEFKrsb1uL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e8d051d8741c1046c1a6d71b1384037

Files

0e8d051d8741c1046c1a6d71b1384037
.exe windows:4 windows x86 arch:x86

474faa90c723e941bb32ed24b229e0bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
GetSystemDirectoryA
WaitForSingleObject
SetThreadPriority
CreateThread
TerminateProcess
OpenProcess
CreateEventA
OpenEventA
DeleteFileA
Sleep
OutputDebugStringA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
FreeLibrary
Process32Next
Process32First
CreateToolhelp32Snapshot
Thread32Next
Thread32First
WriteFile
GetModuleFileNameA
LoadLibraryA
ExitProcess
GetWindowsDirectoryA
CreateFileA
GetFileTime
SetFileTime
GetCurrentProcess
CopyFileA
CloseHandle

user32

GetDesktopWindow
GetDCEx
GetDC
GetCursor
PostMessageA
GetClassNameA
GetWindowTextA
EnumThreadWindows
GetWindow
FindWindowA
SendMessageA
CheckMenuRadioItem
CheckRadioButton
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DrawIcon
DeleteMenu
GetThreadDesktop
wsprintfA
CheckMenuItem

gdi32

GetBkMode
GetBkColor
Chord

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegCloseKey
RegSetValueExA
OpenProcessToken

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ