6cabc04676d65f54bddc2e51d7e17215 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6cabc04676d65f54bddc2e51d7e17215
Size

277KB
MD5

6cabc04676d65f54bddc2e51d7e17215
SHA1

440a02e36e016aa590d7243ffee61d9571d3271f
SHA256

458051e1eeac93a6c1adea2d7074a7c807430bbd31775d62dffb2225c6767f19
SHA512

f4d65a1ea7922fb1504fb44f38ea47313bc27e505b69cce627a239451a8ee30e1a3cdbb92eb5f91a1ed6f6ea3534d7da30675e506d1a9609b2990b13c279a3fc
SSDEEP

6144:bDYk+AGMOLtVEmFSXuWkuxl/u/sdKVqQ+trYfpovJ:wk+AFOx2fXuWk+J0VDoh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6cabc04676d65f54bddc2e51d7e17215

Files

6cabc04676d65f54bddc2e51d7e17215
.exe windows:4 windows x86 arch:x86

03284d58e023a7f8a7daf0883a5c9ad8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetMessageA
CharUpperA
PostThreadMessageA
EnumWindows
MessageBoxA
DispatchMessageA
GetWindowTextA
GetWindowThreadProcessId
PeekMessageA
KillTimer
wsprintfW
IsWindowVisible
LoadStringA
SetTimer
wsprintfA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GetOEMCP
GetEnvironmentStrings
GlobalAddAtomW
GetEnvironmentVariableA
FatalAppExitA
HeapDestroy
GetACP
FreeEnvironmentStringsA
VirtualAlloc
WideCharToMultiByte
IsBadWritePtr
GetEnvironmentStringsW
WriteFile
IsBadCodePtr
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
GetModuleFileNameA
EnumResourceNamesA
GetDateFormatW
VirtualFree
SetUnhandledExceptionFilter
IsBadReadPtr
UnhandledExceptionFilter
HeapReAlloc
SetFilePointer
GetCPInfo
HeapCreate
FreeEnvironmentStringsW
SetConsoleCtrlHandler
GetCurrentThread

Sections

.text
Size: 149KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ