ca0b7e491401b84c90e9f90e20f3d39ad2eb7dcf0ec599a5f1fe9ed53e147320 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca0b7e491401b84c90e9f90e20f3d39ad2eb7dcf0ec599a5f1fe9ed53e147320
Size

4.5MB
MD5

e145bb00a952280b203241aa6c829995
SHA1

1bc65c23bd5a4aacf45ff83b611fa9f614f44d01
SHA256

ca0b7e491401b84c90e9f90e20f3d39ad2eb7dcf0ec599a5f1fe9ed53e147320
SHA512

3cd4c195286558e4508085148ae9df779bbbf8b2ecd90f62f4cc60e4a2f2450cd3abd4e42b8f18dc7a77704104493951994a25364f3842f1ac497476060c91ea
SSDEEP

98304:NMf8sdQoqpTFPSgVCrqVWJNPkqsGmP8TgiACPpDPL+Z2hUZR/hF:NMf8sxUFXCmJcPPpOZ2hUZxhF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca0b7e491401b84c90e9f90e20f3d39ad2eb7dcf0ec599a5f1fe9ed53e147320

Files

ca0b7e491401b84c90e9f90e20f3d39ad2eb7dcf0ec599a5f1fe9ed53e147320
.exe windows x86

297bc38efbc6e8b25ae3d0938bd29e9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

GetSystemMenu

advapi32

RegSetValueExW

comctl32

ImageList_Create

Sections

Size: - Virtual size: 8.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE