0fc4470a81c327c1bcd67b664b987060N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fc4470a81c327c1bcd67b664b987060N
Size

120KB
MD5

0fc4470a81c327c1bcd67b664b987060
SHA1

9ebeeaa70e419034bf7b80218302a75341b371d9
SHA256

c2d15a20dbd24e8e08cc09ef46aebf37b0be2b550f48aa9db5b409635c73ee5e
SHA512

44e2f3d66d0e327dda9a2624853858ace3424088fc3827aa7c09e951cce17242f44926b5834714c5a39d59aef74c7aaa0ef276b2b788fc0c175ef200e4001297
SSDEEP

1536:dQn1UlJeRJb+0svGudOkeiimmREIOv0y9R9RVDP9G8pIB6tkDM0LPtTw:in1IJeRbsvG7kgRvByPVDP9PkkA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fc4470a81c327c1bcd67b664b987060N

Files

0fc4470a81c327c1bcd67b664b987060N
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ