0ce6ab08508d07b232bfbf3b3db3b7e675a1523adaa51b3a575111c88d8b7dd5[.]exe | Triage

Sharing

General

Target

0ce6ab08508d07b232bfbf3b3db3b7e675a1523adaa51b3a575111c88d8b7dd5.exe
Size

120KB
MD5

abf9896caf62e17df1b84e931777673e
SHA1

58a3756e0e2bef9d02915e7f1b7047512ef7de5e
SHA256

0ce6ab08508d07b232bfbf3b3db3b7e675a1523adaa51b3a575111c88d8b7dd5
SHA512

20077c57fdf27a36b76aa0f53cc8e75068da9b0ecfa24bf7f7b3e1454bc0448a3d5ec7944bd941accc2e8ccb9adb901624702c1e01b72a90e181b4f86f543b51
SSDEEP

1536:xXPIYcBbHPMch5aYKIsIm5JDbOpycVjtvCYQ8nRhBd4RCy8VHyUp:f2xZm3OsstvC7khBd4RCtyUp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ce6ab08508d07b232bfbf3b3db3b7e675a1523adaa51b3a575111c88d8b7dd5.exe

Files

0ce6ab08508d07b232bfbf3b3db3b7e675a1523adaa51b3a575111c88d8b7dd5.exe
.exe windows:4 windows x86 arch:x86

261474a28e4ee011af3dc76625e03b9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
IsValidCodePage
WriteFile
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
LCMapStringA
lstrcmpA

msvcrt

memset

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE