0dadc18aa1d321529ca9404d08943007 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dadc18aa1d321529ca9404d08943007
Size

34KB
MD5

0dadc18aa1d321529ca9404d08943007
SHA1

92f991d6a50e6875b8b7493438844a122feb4ad4
SHA256

cdd1cc1d7ffe81ad662e1404cd97d2d0f70eb827b01aa9af70c5e8b2147c6344
SHA512

63d5700f7f8538ddbdc1212752d98e921826b4e44bf7486ac7639ff9731d5d60fd35d9075c74e8b9b8178817be9288703a05bd7cc7b2d030a8adc89bb0f16a33
SSDEEP

768:KPbHEercP+TaCcKHIyP+g0KeetPEvpUaQlguuMNn6RAVs+EF8:KIercKaCdJPJohJQljuOIAOR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dadc18aa1d321529ca9404d08943007

Files

0dadc18aa1d321529ca9404d08943007
.exe windows:4 windows x86 arch:x86

af7fdb9ebf2cb69a553a3b994499fc16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleWindow
CompareFileTime
CopyFileW
CreateThread
DefineDosDeviceW
EnumResourceTypesW
GetCommConfig
GetDateFormatW

msvcrt

_mbccpy
_mbctombb
_mbsdec
_pctype
_snprintf
_snwprintf

shell32

DragQueryFileAorW
StrStrIA
DuplicateIcon

Sections

.text
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE