20ccdad1b4f43cae7c6b17ed7fc43255 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20ccdad1b4f43cae7c6b17ed7fc43255
Size

422KB
MD5

20ccdad1b4f43cae7c6b17ed7fc43255
SHA1

0d33fa270a58ce4390e67e299d4f085e9cfd24ee
SHA256

e833fb8bfbc214f1e2e7bef1b1d987c626fd886b15961b2dc2054a8f68d0c640
SHA512

509bd76bcbb429423511a1cd80cdb3c32cf7a48c630324b61230f90d7c760fdd8b1f7f3a982435cee24351c5ef3fb48a5fcd7db8cc086feca2cdc526a7a519b8
SSDEEP

6144:AHvzin7XJXsPpmvUEgYZX3MBP4Q6LJycccrp0GiLBiGpsNZoN:4O7XJX+4DgYBu4NtyccEfcowsNZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20ccdad1b4f43cae7c6b17ed7fc43255

Files

20ccdad1b4f43cae7c6b17ed7fc43255
.exe windows:4 windows x86 arch:x86

98cd949732a14867248d329c0d274797

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
RaiseException
LoadResource
GlobalAddAtomA
EnterCriticalSection
GlobalLock
GlobalFindAtomA
LocalSize
GlobalFree
SetConsolePalette
DeleteAtom
LoadLibraryExA
SetCommBreak
GetStdHandle
CloseHandle
VirtualAlloc
ExitThread
GetProcessHeap
lstrcat
GlobalUnlock
GetOEMCP

user32

GetWindowTextA
GetDC
GetParent
ShowWindow
GetClassNameA
GetForegroundWindow
GetFocus
ValidateRect
DrawEdge
GetActiveWindow
GetWindow
EndPaint
AlignRects
GetClassInfoExA
ReleaseDC
CloseWindow
GetWindowTextLengthA
IsIconic
BeginPaint

wsock32

WSAGetLastError
WSASetBlockingHook
WSAAsyncGetServByPort
WSAStartup
WSACleanup

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ