f0f7296b57e18890dd0245b22661a04fd1798d0d45b90b91c540f71b99f4b8bbN[.]exe | Triage

Sharing

General

Target

f0f7296b57e18890dd0245b22661a04fd1798d0d45b90b91c540f71b99f4b8bbN.exe
Size

337KB
MD5

d42a0618bbbd8835b3ed1246e36fffa0
SHA1

c862d879023689452ba0019ad2c2d2c5861a87af
SHA256

f0f7296b57e18890dd0245b22661a04fd1798d0d45b90b91c540f71b99f4b8bb
SHA512

c3090b565b031dc4b6503c5fefd6596246f3bc80e97f5b37f987d343091330de3263a0004f35e329a9eb4d7f63a37bf98bc090d9c63d07eeeb97ab0652a155e4
SSDEEP

6144:inQU+LqGvHr0nNK11G9DMEeZa8POyKmLUyaViFwRus:9FrkNK11G9AEtMxQyOi67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0f7296b57e18890dd0245b22661a04fd1798d0d45b90b91c540f71b99f4b8bbN.exe

Files

f0f7296b57e18890dd0245b22661a04fd1798d0d45b90b91c540f71b99f4b8bbN.exe
.dll windows:4 windows x86 arch:x86

2f58585fc731a3646ea640dd58abbda7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
GetCurrentThread
GetCurrentThreadId

user32

GetWindowThreadProcessId
GetCursorPos
GetCursorInfo
GetGUIThreadInfo

shlwapi

StrCmpNIW

oledlg

OleUIUpdateLinksW

ole32

SNB_UserMarshal

Sections

.code
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdatau
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ