e0a060b161dfda9a789d9078d6457aed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0a060b161dfda9a789d9078d6457aed
Size

32KB
MD5

e0a060b161dfda9a789d9078d6457aed
SHA1

fc950701aa92245af9d11c4fc028097ab4b16077
SHA256

a2b2351ee261a00eda41d6a3f3f2f3f19d29e5f16b80e3f1c80cdc4af2b624fc
SHA512

644e7d3ebe4210660e9bae37ecafea79dfa1c9977ad37c071b40ed610b4b19525d696c5063b8f814a696ae23db704a96d5ea50d194cfef180ceff114c4f95fa7
SSDEEP

768:Vx9U2o77ueGmlpi0DagTqA2ZGZa6OookI:Vx9U2PeGx4A9IZa6OZ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0a060b161dfda9a789d9078d6457aed

Files

e0a060b161dfda9a789d9078d6457aed
.exe windows:4 windows x86 arch:x86

9d04d1c48453eb600775c818b98d374b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
RegisterUserApiHook
RegisterClipboardFormatA
SetSysColorsTemp
PrivateExtractIconsW
FindWindowExW
DdeUnaccessData
SetFocus

kernel32

GetLastError
VirtualProtect
GetThreadContext
GetCommConfig
QueryDosDeviceW
ExitThread
LoadLibraryExW
OpenProfileUserMapping
GetCommandLineW

gdi32

FONTOBJ_cGetAllGlyphHandles
DdEntry33
GetTextExtentPointI
GdiEntry8
EngBitBlt
DdEntry2
FillRgn

Sections

.text
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE