ca1df3c230a610f816e0611bb620f6f42ef9af825494b8d0c603bcad5697d9c5 | Triage

Sharing

General

Target

ca1df3c230a610f816e0611bb620f6f42ef9af825494b8d0c603bcad5697d9c5
Size

704KB
MD5

aec76dd56f602ded8fb07a593d0dc796
SHA1

db3710be7be603f2202eadfd76ffc30634ed5db4
SHA256

ca1df3c230a610f816e0611bb620f6f42ef9af825494b8d0c603bcad5697d9c5
SHA512

eabda0978df95cf58bb04508fee299f74186c3aba3832bcac4b4596573782b41b808c04659a2413a241aaf909bd20c119d3d0548d3f5f0c8da5df262211e9049
SSDEEP

12288:Wu9eV/P9KHWr2wg6hTxrkrT9DBQZ2JP5jVfligy2VkY41fvJwH0c35Kt4xxa0Wum:lul4WrTg6hl4rxVJRjVtiOXcvJwTKmL+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca1df3c230a610f816e0611bb620f6f42ef9af825494b8d0c603bcad5697d9c5

Files

ca1df3c230a610f816e0611bb620f6f42ef9af825494b8d0c603bcad5697d9c5
.exe windows:4 windows x86

bb41ffc59d7e7f31c70fbda3e43672d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

DrawTextA

gdi32

SetBkMode

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

CryptReleaseContext

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

VariantClear

comctl32

ImageList_Destroy

ws2_32

ioctlsocket

comdlg32

ChooseColorA

Sections

.text
Size: 678KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE