0bbbdb441beb65db65db7738d2e42060N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bbbdb441beb65db65db7738d2e42060N.exe
Size

4.9MB
MD5

0bbbdb441beb65db65db7738d2e42060
SHA1

e4fddb130d97d2308bc8fca9fdda640830dff080
SHA256

6a3053fa8ad6c34513652f26d250cef66e0fa553daf93b8d09ab25d9d5e0ab45
SHA512

2a2fbaac62353342e8606a212eddd103141f403a9db12cd772b9cc2879d1537a91db6f1b66babf67273da926301287afe7bc56e187d4c480cf22e43e98b8a37b
SSDEEP

98304:oNlD8dy+o5fdlqUkGH+wiIhl7NGVBkk3na0JL:wEy+cN3hRNItL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bbbdb441beb65db65db7738d2e42060N.exe

Files

0bbbdb441beb65db65db7738d2e42060N.exe
.exe windows:6 windows x64 arch:x64

e82dd51b077167be63c004bed23d0c1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

Sleep

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 94B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ