39950c6a5676c23c154e926db559c223 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39950c6a5676c23c154e926db559c223
Size

299KB
MD5

39950c6a5676c23c154e926db559c223
SHA1

3650be3cdd151bc8d687eb539dcaa7942d2ed928
SHA256

4c9d07d575cba57c368df5b8b2b2e8104683d49dfee7d38c879cb6bd2fd75dc0
SHA512

a0512bf70b2abc11d31fcc2886ec29bfe7e317542feb3cec5dfeac7d8df2681b06b14879ae7859d571cb102c5491c3e7547a079fcaf8a89437a60b86e26167f6
SSDEEP

6144:tB5vGi0G4PHmPDUlcX/o2ULSWJW71Q3ixqU2GKMTu67otaboUAxol3:V+K0PqLUL5i1Myqi3otdxc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39950c6a5676c23c154e926db559c223

Files

39950c6a5676c23c154e926db559c223
.exe windows:4 windows x86 arch:x86

ca0189734f6e07c7002e297eb1896fb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PulseEvent
GetCurrentDirectoryA
CreateFileA
GetCommandLineW
HeapCreate
LocalFree
GetTickCount
CreateThread
Sleep
GetModuleHandleA
GetSystemTime
SetEvent
LoadLibraryExA
CreateThread
lstrlenA
LocalUnlock
CloseHandle
GetComputerNameA
SetLastError
UnmapViewOfFile

user32

FillRect
DrawEdge
IsWindow
GetDlgItem
SetFocus
DrawMenuBar
DispatchMessageA
GetScrollBarInfo
CheckRadioButton
GetKeyState
CallWindowProcA
GetDC
CreateWindowExA

clbcatq

CheckMemoryGates
SetupOpen
UpdateFromAppChange
SetSetupSave
DowngradeAPL

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ