0a7e8fc69499516f4525d6a42e132335ea38da1b1fc15dbe445a93e148310d5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a7e8fc69499516f4525d6a42e132335ea38da1b1fc15dbe445a93e148310d5e
Size

16KB
MD5

29aae03f2d150650ebc7729214660f41
SHA1

a915d2615b83bd21ff149361bbee642c32a0b0f9
SHA256

0a7e8fc69499516f4525d6a42e132335ea38da1b1fc15dbe445a93e148310d5e
SHA512

f3cfdac95a3070919860938ce08f1e1f510bd05d405c8bc7c568ac6088e46c48709595bfff2b86d1ddf565e6e427e0c0a92fe1971b7cc505c0eb5ce38391f64a
SSDEEP

192:R8CngollI+9j+xoMnmAmeVom1oEAfKqXVlUVgzvKbOZeZp9t+H:FfDCxA0oidTE4gzvKbOZF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a7e8fc69499516f4525d6a42e132335ea38da1b1fc15dbe445a93e148310d5e

Files

0a7e8fc69499516f4525d6a42e132335ea38da1b1fc15dbe445a93e148310d5e
.dll windows:4 windows x86 arch:x86

8954e66f0efe9d9494f169d11924f9a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
GetTempPathA
CloseHandle
Sleep
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
WaitForSingleObject
CreateProcessA
CreateFileA
ExpandEnvironmentStringsA
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryA
WinExec

mfc42

ord540
ord800
ord5442
ord3318
ord665
ord825
ord6385
ord1979
ord5186
ord354
ord823
ord860
ord2818
ord535
ord858
ord537
ord940
ord6874
ord4204

msvcrt

printf
strrchr
_beginthreadex
rand
__CxxFrameHandler
_iob
sprintf
free
malloc
fclose
fwrite
fopen
srand
__dllonexit
_onexit
_initterm
_adjust_fdiv

ws2_32

WSAStartup

iphlpapi

GetAdaptersInfo

Exports

Exports

Start

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 678B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ