cfb50136da89ac3ac5b7c554ad0f097dcc384f54188c212f75fb110cfec6480f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfb50136da89ac3ac5b7c554ad0f097dcc384f54188c212f75fb110cfec6480f
Size

33KB
MD5

b8971d97e314d6df41b4251f9d3cdc92
SHA1

c8322b81f0bba0853324104a40b561cc21e96f00
SHA256

cfb50136da89ac3ac5b7c554ad0f097dcc384f54188c212f75fb110cfec6480f
SHA512

563a79e609e96c68f2473a321b4977364bbe44a3e0c519aaf1e4e0f54ae373c2018ab9485d4e01efa31bcfaf5ec1aa68db3b0f2d9b133ebd864a16817f8b6368
SSDEEP

384:+RBWNuFXh5OmXGvfHsX9CK+1zARkJuM/0Ca+lwx7pRvmpPcCb8qDTm9YhAFn:+Rj44GnsrxkuJCarNiDk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfb50136da89ac3ac5b7c554ad0f097dcc384f54188c212f75fb110cfec6480f

Files

cfb50136da89ac3ac5b7c554ad0f097dcc384f54188c212f75fb110cfec6480f
.exe windows:4 windows x86

a6eb128f143159f7b330714d5ca23fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantTimeToSystemTime

kernel32

GetPrivateProfileStringA
LCMapStringA
GetDateFormatA
GetTimeFormatA
GetLocalTime
GetCurrentProcessId
GetTickCount
lstrlenW
WideCharToMultiByte
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
LocalFree
GetCommandLineW
GetModuleFileNameA
CloseHandle
WriteFile
CreateFileA
LoadLibraryA
FreeLibrary
GetProcAddress

user32

PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
GetWindowTextW
GetWindowTextLengthW
GetClassNameA
GetParent
GetWindowThreadProcessId
FindWindowExA
MessageBoxTimeoutA
IsWindowVisible

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
atoi
_ftol
__CxxFrameHandler
free
malloc
memmove
strchr
modf
strncmp
strncpy
sprintf

shell32

CommandLineToArgvW

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE