0b0564d2f99c5613cac654a79833089a1e8a3492204c903dc4d79a29eaad9417[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b0564d2f99c5613cac654a79833089a1e8a3492204c903dc4d79a29eaad9417.exe
Size

1.2MB
MD5

09c76f96582ec50867afd8dbe4756d80
SHA1

387ddca825107eb36db56c807f9ba23f845890d5
SHA256

0b0564d2f99c5613cac654a79833089a1e8a3492204c903dc4d79a29eaad9417
SHA512

97c4726b057fe7b8bb296a5b8820f265b71296f3ba8def109280147144a5882d4a225c33f20ecf97eaeb953e04f4c919874147704f0233c32d79275b72587312
SSDEEP

24576:lxR/xL1yfo5G1yIuifLiUN3YkmFp/wEjP9lJFUlko5WrXOiZfJ1gmk4EZV06n:lxLEOG1yIu/lkmbvjdedEjNZfKZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b0564d2f99c5613cac654a79833089a1e8a3492204c903dc4d79a29eaad9417.exe

Files

0b0564d2f99c5613cac654a79833089a1e8a3492204c903dc4d79a29eaad9417.exe
.dll regsvr32 windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hcfjyocs
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bnvlabrt
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE