0b9389f3a57c4b88e0fa6a13f4a5435d[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b9389f3a57c4b88e0fa6a13f4a5435d.exe
Size

392KB
MD5

0b9389f3a57c4b88e0fa6a13f4a5435d
SHA1

1e02eaf3d651bfb3a3682331f36473329e8b4864
SHA256

6d1004dbe9e108725978ca440648a67210730a269e1b18bd77ec8a262f7f3ec2
SHA512

3d04ad9a44589658df386f13f70f17101832e3b7e4d9c5514ae53f447fca2484f3ac02bcdaa5ca53d26fe12c3c6d05990cbddc760f556e2cdd5ab2c8cd1f9920
SSDEEP

6144:cZUkqkFwzgVq767LkLbv1P/AxrvNCBeq0fG5bfAYSR6VbysZk1dWyRr3d8pgtiO0:cYCJibvNYJbxYYgbRke6DYr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b9389f3a57c4b88e0fa6a13f4a5435d.exe

Files

0b9389f3a57c4b88e0fa6a13f4a5435d.exe
.exe windows:4 windows x86 arch:x86

f1bf023406b7beac6885d2d72e85bddc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeMountPointA
Sleep
ExitProcess
SetLastError
CreateFileA
GetACP
FindClose
GetLastError
HeapDestroy
FindResourceA
FreeConsole
CreateMutexA
GetModuleHandleA
HeapCreate
TlsGetValue
LocalUnlock
UnmapViewOfFile
FreeEnvironmentStringsA
GlobalFree
LoadLibraryExA

user32

GetIconInfo
GetFocus
DrawMenuBar
CallWindowProcA
IsWindow
DefWindowProcW
DrawEdge
CopyRect
CheckRadioButton
GetDC
DispatchMessageA
FillRect
GetDlgItem

uxtheme

GetThemeSysInt
DrawThemeIcon
GetThemeRect
DrawThemeEdge
DrawThemeText

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ