0f91fd75ec140e7bb97942485dd41c31d8acef3066233b59d024d44e00fc4ab1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f91fd75ec140e7bb97942485dd41c31d8acef3066233b59d024d44e00fc4ab1
Size

8KB
MD5

31b9196cc9faa20a3aa71c42a2426eee
SHA1

1ab8aac9420bc2087785c7e8ea09b352a5e677cf
SHA256

0f91fd75ec140e7bb97942485dd41c31d8acef3066233b59d024d44e00fc4ab1
SHA512

250372a6f6cff4f6e3f209d7448ad10dc05ef9c91589cb4ee3262f163683c5912a1547d9a64d096f8c8efd5bf5955ca9d2f016542910ba4d4987c5e3d2977677
SSDEEP

96:tuEth5XVQucmcSccF2CvIBEGKjmTQflLgbkgwPVJ0yPxUEIAYU/:IEtdtNLFjIGGKj0QvHv0yPxUEIk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f91fd75ec140e7bb97942485dd41c31d8acef3066233b59d024d44e00fc4ab1

Files

0f91fd75ec140e7bb97942485dd41c31d8acef3066233b59d024d44e00fc4ab1
.exe windows:4 windows x64 arch:x64

483c5b567b490239ca01d854c39de5a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

salflibc64

ddd__
__attempt_rlo_load
__record_profile_address
append_common_spec
setup_expanding_region
__record_program_storage
__RuntimeError
__test_avx
__main_setup
fopen
strcat

user32

SendMessageA
MoveWindow
GetSystemMetrics

kernel32

VirtualProtect
ExitProcess
GlobalAlloc
Sleep
GetTempPathA
GetCurrentProcessId
OpenProcess
TerminateProcess

clearwin64

__temporary_yield
__clearwin_info
__register_message_loop_hook
__create_interprocess_shared_memory
__set_dpi_awareness
__winio

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sundry
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 12B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 743B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE