0dcc6506aba2b45138395c2aa377afbff4a69d1680a105652eb76c39a45d6c10N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dcc6506aba2b45138395c2aa377afbff4a69d1680a105652eb76c39a45d6c10N
Size

8.5MB
MD5

458fbb67f78eab0b40498cf197931330
SHA1

8cadd60197c334f1451a2f51fd06e76d9ff29adc
SHA256

0dcc6506aba2b45138395c2aa377afbff4a69d1680a105652eb76c39a45d6c10
SHA512

858a425eb297e563089105acbbd0d1ee34d259d6277f7afd514803d010b75c5fb996ddbb4b6e9a580b27e3ba86351789bb3427f6fbbacd159bc1331ddb85b2f7
SSDEEP

1536:Ey0+j2YJU4/rMFYjaMhSvkhvKjxqct8lCGwy2:EyiQrgMhJhvKxn8o5R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dcc6506aba2b45138395c2aa377afbff4a69d1680a105652eb76c39a45d6c10N

Files

0dcc6506aba2b45138395c2aa377afbff4a69d1680a105652eb76c39a45d6c10N
.exe windows:4 windows x86 arch:x86

104c92991f5d4384cb2aede0a6b2b568

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
Sleep
WriteFile
CreateFileA
DeleteFileA
LoadLibraryA
CloseHandle
ReadFile
IsBadReadPtr
lstrlenA
GetLastError
lstrcpyA
SetFilePointer
GetFileSize
lstrlenW
MoveFileExA
SetCurrentDirectoryA
GetCurrentDirectoryA
ResumeThread
SetThreadContext
GetThreadContext
GetModuleFileNameA
GetTickCount
CreateDirectoryA
lstrcmpA
GetVersionExA
ReleaseMutex
CreateMutexA

msvcrt

malloc
strstr
_except_handler3
_mbsstr
atoi
free

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE