0ebc6a18790a4579812bfa3a9c58eb23 | Triage

Sharing

General

Target

0ebc6a18790a4579812bfa3a9c58eb23
Size

392KB
MD5

0ebc6a18790a4579812bfa3a9c58eb23
SHA1

2810ed592c7c0f1cf0497211910ad1a5cbe5b448
SHA256

909e340b7a8cb745bc469f464723fd6872eb084cb3e83719bf8b138a389afd58
SHA512

d75f80e7c965010f9e90d33450576dd7d3c3af4b1706c7508cd7f280d7fd6838aaf329000bc2ec9af22b8f62f25d4c06da9964ada36efb1ca405cad052b5f271
SSDEEP

6144:3iP9+FxAgek1C3EpduJFYRjTuaJfrv/0wEfYC9TbyrMiMDeEic2U9uKZEGiHU:3iQFe6CFkZZVryf9RlDLiPUwKsHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ebc6a18790a4579812bfa3a9c58eb23

Files

0ebc6a18790a4579812bfa3a9c58eb23
.exe windows:4 windows x86 arch:x86

8c9dbd4156872eb2366cae7013613774

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
FindClose
GetConsoleAliasA
WaitForSingleObjectEx
GetConsoleCP
GetCalendarInfoA
TlsGetValue
GetModuleHandleA
CloseHandle
CreateFileA
GetLastError
LoadLibraryExA
FreeEnvironmentStringsA
LocalLock
FindAtomA
HeapCreate
GlobalUnlock
Sleep
LocalFree
GetACP

user32

IsWindow
DispatchMessageA
GetDlgItem
DefWindowProcA
GetDC
SetFocus
CascadeWindows
GetIconInfo
CallWindowProcA
GetMessageA
DrawTextA
CreateDialogParamA
DrawEdge
MessageBoxA

msasn1

ASN1BERDecCheck
ASN1BERDecNull
ASN1BEREncLength
ASN1BERDecEoid
ASN1BEREncFlush

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ