0fabba5a08e708dc5aaa9c50e3f973c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fabba5a08e708dc5aaa9c50e3f973c9
Size

119KB
MD5

0fabba5a08e708dc5aaa9c50e3f973c9
SHA1

d6fb55b7aa969582060e1f47d4173a0fe3860386
SHA256

62c3bb50e517b7441731f0a1157bdb9df62d075675ad8be15ad7e268d98db005
SHA512

d214ec5116cb1c2015973e3aad4d5676a5f59299aa7a27bf9c5b50a1d1668b2d57b638d71988e44745f785675bb105167624f080aa702a7143f3438bc719c319
SSDEEP

3072:TEq35fmgYnKXcnS51t1kLV2XvagAe1pENV2/PmY7rM1UXn:QXgYwcS5KLovahe1WNVYmwmU3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fabba5a08e708dc5aaa9c50e3f973c9

Files

0fabba5a08e708dc5aaa9c50e3f973c9
.exe windows:4 windows x86 arch:x86

2dc7ed5482d2f48dd8bf9f122372dfed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DrawEx
ImageList_GetImageRect
ImageList_SetFilter
InitializeFlatSB
DrawStatusTextW
DllInstall

kernel32

CreateFileA
ExitThread
ExitProcess
CloseHandle
CreateThread

Sections

.text
Size: 69KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE