0a0c78ad3be8bed9e52e1297c1672d85[.]exe | Triage

Sharing

General

Target

0a0c78ad3be8bed9e52e1297c1672d85.exe
Size

392KB
MD5

0a0c78ad3be8bed9e52e1297c1672d85
SHA1

0333a3664218d8aefbfa9359a2e45c54dd5d5fc4
SHA256

51aa6a28340a8abf6f5ca3774dd1df025103bff47073662630f795813672d4fd
SHA512

3d4ccb7d7c69f967fd9727d2a9e06f8276b1c1e1ee4c0dfc1b2530917f52c4962b2c501eb726cde3eb8a3c1ae9c9cbbdd4b80da75d95564bdd371bfdb461cafe
SSDEEP

12288:6d5sTH4JGqud/+GyVod/A0RIhKcGicLoC:6d5SSBGyVITRIhKz1LF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a0c78ad3be8bed9e52e1297c1672d85.exe

Files

0a0c78ad3be8bed9e52e1297c1672d85.exe
.exe windows:4 windows x86 arch:x86

bb9b70f9ef2ea1b785b093307d62e6f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
LoadLibraryExA
LocalFree
CloseHandle
PulseEvent
GetCommandLineW
HeapCreate
Sleep
UnmapViewOfFile
GetComputerNameA
GetCurrentDirectoryA
SetLastError
GetTickCount
LocalUnlock
CreateFileA
SetEvent
GetSystemTime
lstrlenA
GetModuleHandleA
CreateThread

user32

GetScrollBarInfo
CheckRadioButton
GetDlgItem
DispatchMessageA
DrawEdge
CallWindowProcA
GetDC
FillRect
DrawMenuBar
SetFocus
GetKeyState
CreateWindowExA
IsWindow

clbcatq

SetSetupSave
ComPlusMigrate
SetupOpen
DllGetClassObject
CheckMemoryGates

inetcpl.cpl

OpenFontsDialog

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ