0d6fd47b0ff572f615b0e167fae5e03a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d6fd47b0ff572f615b0e167fae5e03a
Size

27KB
MD5

0d6fd47b0ff572f615b0e167fae5e03a
SHA1

2a3a763782ea6910e13c2d7ac80776620ec6eeb2
SHA256

d6de1548f161be4ec4ccb0e41826d26898b93fe09ed25d21513725d950f1a08e
SHA512

9d7d47c0b14af48c15865ce146c1ad0bbdbf313a62bc883a15256a1cedf328033c6d38a028f63a356dd440537ed0bca659b23cf24b28b448f8dfe7cc41d3beb7
SSDEEP

768:ygIixMJg/Z/dY999999b6m99999DM999gOfyalTrbFtHyh:y7ixMJgY999999b6m99999DM999tv3Sh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d6fd47b0ff572f615b0e167fae5e03a

Files

0d6fd47b0ff572f615b0e167fae5e03a
.exe windows:4 windows x86 arch:x86

4931fcc3fb640e04efe2409a4a4c80e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32First
lstrcpyA
GetModuleFileNameA
GetModuleHandleA
CreateToolhelp32Snapshot
lstrlenA
GetProcAddress
DuplicateHandle
Process32Next
LoadLibraryA
GetFileSize
lstrcatA
LocalAlloc
LocalFree
CreateProcessA
IsDebuggerPresent
SetUnhandledExceptionFilter
Module32First
Module32Next
lstrcmpA
GetCurrentProcess
ExitProcess
UnhandledExceptionFilter
TerminateProcess
RtlUnwind

user32

MessageBoxA

advapi32

RegCloseKey
RegOpenKeyExA
GetUserNameA
RegQueryValueExA

shlwapi

PathFindFileNameA

Sections

.f0Gx
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ