ca1990cadc1bb1fa542f5be638ca781ee01cbb01b1f9a5e4ba50790b64979d32 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca1990cadc1bb1fa542f5be638ca781ee01cbb01b1f9a5e4ba50790b64979d32
Size

3.0MB
MD5

f502309476f7b02ae734c60718587860
SHA1

b93846a853793085df469f189a29adfc6732ed58
SHA256

ca1990cadc1bb1fa542f5be638ca781ee01cbb01b1f9a5e4ba50790b64979d32
SHA512

c5dc3adbcbaece2a3694a9c50e3fcf75a86cb07ae6ff022c3f0f858f3a789f8fa2f0c96bd23dc67f87374dcdd0ddd955091a9c0b39ecb9e0d0f1debcc19cab67
SSDEEP

49152:SaLQFiYDBA6UmeuxMKsLipOndP/UsfmztJYAfbPrev5y0svGYUFX5IVDuoDMOr8:SaYiy6TuxvsLgyMOmztCAfn8yN+JpK5P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca1990cadc1bb1fa542f5be638ca781ee01cbb01b1f9a5e4ba50790b64979d32

Files

ca1990cadc1bb1fa542f5be638ca781ee01cbb01b1f9a5e4ba50790b64979d32
.exe windows:4 windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 980KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zmdsbhef
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yvhnikxw
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE