0dfd41623fa8570925c3892baef63d70N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dfd41623fa8570925c3892baef63d70N.exe
Size

430KB
MD5

0dfd41623fa8570925c3892baef63d70
SHA1

3b0f3d52448abd667d2652b8531fee9a501de846
SHA256

42b68b3b2aab8d74c00bf4746088e0d40208e0c356401b3314c19d25f3f966b8
SHA512

6a8c05f83893cf7eee77e67b11c7433198d4713a18e5fc4a680da827a233968f3c11ea643f6b2122a06d6f24beeb350117d36f8a49897c400adcb43d33970760
SSDEEP

12288:iDfrQBLiI/cJhCom7gIlCalpam9GnBUh/Lk:0rQ1iI0jCiIloYQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dfd41623fa8570925c3892baef63d70N.exe

Files

0dfd41623fa8570925c3892baef63d70N.exe
.exe windows:4 windows x86 arch:x86

5557ee46cc4b3d83a265b5001c3b8fd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlInt64ToUnicodeString
RtlIpv4AddressToStringW
ZwCreateDebugObject

user32

DdeConnectList
GetShellWindow

kernel32

GetUserDefaultUILanguage
GetLastError

Sections

.text
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE