0da39f7e73382eae8ede1622c080b7b0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0da39f7e73382eae8ede1622c080b7b0N.exe
Size

4.7MB
MD5

0da39f7e73382eae8ede1622c080b7b0
SHA1

b698e4ea7adf46626b813b1f56e23e0059e17c0c
SHA256

99b8659964c25ac11d9a90673c6c4b38277d385584de57c405e9b8d413ccfcdb
SHA512

5a0d73db249c250d02aa8560a6664a3dcbedde04cd66482496f10d148ec171202b009b67c8d0de37db6c03a28d91d76b67add69003782a6c0c1f3d575ec77ae9
SSDEEP

98304:jhvIvyZIGL0s+p2q+4DhyVWDe1mxTptZldix5FZRKQGv2Bldxe97:jhvIaiW42dB/1mNrwxa9eVY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0da39f7e73382eae8ede1622c080b7b0N.exe

Files

0da39f7e73382eae8ede1622c080b7b0N.exe
.exe windows:5 windows x86 arch:x86

72782f5a472264b79dfae67bd8609342

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetVersion
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetFocus

gdi32

SetViewportExtEx

advapi32

CryptCreateHash

shlwapi

PathFileExistsA

wininet

InternetReadFile

shell32

ShellExecuteA

comctl32

ord17

winspool.drv

ClosePrinter

Sections

.text
Size: - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 594KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.n@'
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Nw(
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.*<6
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ