c0f1c92a74f2e4d96f26f5f08963ec8e | Triage

Sharing

General

Target

c0f1c92a74f2e4d96f26f5f08963ec8e
Size

35KB
MD5

c0f1c92a74f2e4d96f26f5f08963ec8e
SHA1

8d143e96879e76898a3540b32d1423ea06c10136
SHA256

36fe0b9f08dcff684a786175cfb392e6749ea2618bc8ed8bfbb6b90cb76d5961
SHA512

26971a4c0544c7958e418eb5d466a5dff27cfaf606707ac5f094af9a2599ceb4ed863827b70ce391340e455d68d3794dfb9fe243e4a70f2e8420cf2c9d1d0eb2
SSDEEP

768:LLp41wWGI9sLAqFU+YW/ywFOoWhBQ8+YPeQ6:LLp41B9sLdK9OkhQd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0f1c92a74f2e4d96f26f5f08963ec8e

Files

c0f1c92a74f2e4d96f26f5f08963ec8e
.exe windows:4 windows x86 arch:x86

4f8a202fd7d7460e54b12d99ca37d1d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
GetModuleHandleA
lstrcpyA
lstrcatA
ExitProcess
GetModuleFileNameA
SetFileTime
GetFileTime
UnmapViewOfFile
GetFileSize
GetProcAddress
CreateFileMappingA
CloseHandle
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceA
CreateFileA
WideCharToMultiByte
lstrcmpiA

shell32

ShellExecuteA

ole32

CoCreateGuid
StringFromGUID2

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ