0f5dbfccac65b85b3e9dccb1fb8230ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f5dbfccac65b85b3e9dccb1fb8230ac
Size

170KB
MD5

0f5dbfccac65b85b3e9dccb1fb8230ac
SHA1

733bea51a85570ee861ca94bb47f25f784affff5
SHA256

de8134730a69470e1dcac817584749ac63606cc8eec117b87702b057f5c20b17
SHA512

27c0b710468239534c507c18da268595e963f92fffb1aab01aca21cfbd22bc96cd0eb17010a6c95d42ceb0a4546b716b5cdb82e5d179ce7d28e3c7973a383b55
SSDEEP

3072:J5gupteeo+56ldlK2gh335YlctrcM6M/541iqrOO6g+aGLwz0g/gqloSaNm/:b941Jxg5YlMwMl4OeYUwK/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f5dbfccac65b85b3e9dccb1fb8230ac

Files

0f5dbfccac65b85b3e9dccb1fb8230ac
.exe windows:4 windows x86 arch:x86

f6ced02617181defbf7e17c76a9427b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
WriteFile
Sleep

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

HlinkNavigateString

Sections

.text
Size: 23KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE