Static task: static1
Behavioral task: behavioral1
Sample: 5ca416cbddf9ceff6d3e73efbe0dae6c.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 5ca416cbddf9ceff6d3e73efbe0dae6c.exe
Resource: win10v2004-20231215-en
General
Target: 5ca416cbddf9ceff6d3e73efbe0dae6c
Size: 16KB
MD5: 5ca416cbddf9ceff6d3e73efbe0dae6c
SHA1: ce73f6477a2cdfa4595d31f061dc2b76d336c8e1
SHA256: cb79d3ca5ccf82612556921dd25df0d9c537bbcbfa940a84873030c98a6e3368
SHA512: cdfdd48326ab7201f7dd074ccc93d43e20bf8456a615fd9ab3a993c7feedb660a819f7726495f635b8de5d9173f07975ba8f62b7ae29ab53c4970127d023a2d5
SSDEEP: 192:SjS54vNw5Af3MQKlyQDaoxzx2xHhxm++aO2Vp3WiXNwW:SjSQNwcZyz4xm++PqWiXND
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 5ca416cbddf9ceff6d3e73efbe0dae6c
Files
5ca416cbddf9ceff6d3e73efbe0dae6c.exe windows:5 windows x86 arch:x86
dd1b9f3174d0db0257fb210517510d75
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
kernel32
GetCommandLineA
lstrcmpiA
lstrcatA
lstrcpyA
DeleteFileA
CopyFileA
GetWindowsDirectoryA
GetSystemDirectoryA
GetLastError
lstrlenA
GetShortPathNameA
MoveFileA
CreateProcessA
GetProcAddress
LoadLibraryA
GetModuleHandleA
SetErrorMode
FreeLibrary
user32
PostMessageA
FindWindowA
LoadStringA
MessageBoxA
CharNextA
wsprintfA
shell32
SHGetPathFromIDListA
ord155
SHGetSpecialFolderLocation
Sections
.text Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ