60ccb084c7c861bb1b78c4ab1dd54029 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60ccb084c7c861bb1b78c4ab1dd54029
Size

23KB
MD5

60ccb084c7c861bb1b78c4ab1dd54029
SHA1

0847ca302b3dad8fa90aace3cbf42a06be370dbc
SHA256

c2681c8acf03a8a12d47cd547837847b1771fb3b694e305b33ed195c848dfea1
SHA512

7bf7b2bb05b82982b2d85aaf1a21372dc619914f3642e1720321032fe34c7b7613650573bfde5a3c670b50326313c1e9ebbb4a4928cdfb6a60bc353bc82cd332
SSDEEP

384:88nIdvaIkwduXaOZrHXCL2ju/i9idTyNYr6KLBJVhuvBWzAkjjHJUA/VL:LEdvuXaOZDrjuK9Kf6EJV8JWdpH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60ccb084c7c861bb1b78c4ab1dd54029

Files

60ccb084c7c861bb1b78c4ab1dd54029
.exe windows:4 windows x86 arch:x86

e4042b9007b47f5c0ae745f7907ca31e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cmutil

CmFree
CmMalloc
GetOSMajorVersion
GetOSVersion
CmStrtokA
GetOSBuildNumber
CmStrrchrA
CmStrCpyAllocA
CmRealloc

ntdll

NtAddAtom
NtAllocateVirtualMemory

kernel32

MoveFileA
CloseHandle
lstrlenA
lstrlenW
CompareStringA
CreateFileA
lstrcatA
GetPrivateProfileStringA
GetModuleHandleA
SearchPathA
FreeLibrary
CompareStringW
ReadFile
LoadLibraryA
SetLastError
lstrcpyW
GetLastError
DeleteFileA
WriteFile
GetProcAddress
DisableThreadLibraryCalls
lstrcpyA

user32

wsprintfA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE