ff45ef23216da0c4ec10c17fe90d3b65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff45ef23216da0c4ec10c17fe90d3b65
Size

747KB
MD5

ff45ef23216da0c4ec10c17fe90d3b65
SHA1

a0289e14d528ec8e7b61387918c3af7e571d39e5
SHA256

16e1349a24df4896148b8d612660caea22c6142922d3b9a3914cc96f2c6293fb
SHA512

b7eaf90b2db00704b8f487026bd0db0f8d258ceeeb7ee958d757987d0248417cd3d4c209613c3445763c1081ddd8062b888dc9e239296e2666d8e2690d9e9d28
SSDEEP

12288:vqXD29JI8P36woA/GvsUyxwlB4EA1dkOqNbpkuTM80VAH8f6yLWUE:t9m8PKxAuUCBUWNkuY80Ccf6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff45ef23216da0c4ec10c17fe90d3b65

Files

ff45ef23216da0c4ec10c17fe90d3b65
.exe windows:5 windows x86 arch:x86

1790e10723a465b1cac0db83d1ed3631

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetFileType
GetModuleHandleA
GetStdHandle
CreatePipe
FatalExit
WaitForMultipleObjects
GlobalSize
GetCommandLineA
GetFileAttributesW
GetDriveTypeW
FindClose
GetStdHandle
CreateDirectoryA
GetCurrentDirectoryW
GetCurrentThreadId
GetModuleFileNameA
HeapCreate
Beep
IsBadWritePtr
CreateSemaphoreA
WriteFile
lstrlenW
CloseHandle
ClearCommBreak

cryptui

CryptUIWizBuildCTL
LocalEnroll
CryptUIWizDigitalSign
CryptUIStartCertMgr
WizardFree
CryptUIDlgViewContext
DllRegisterServer
CryptUIWizImport
CryptUIDlgFreeCAContext
LocalEnrollNoDS
CryptUIWizExport
WizardFree
DllUnregisterServer

iyuv_32

AboutDialogProc
AboutDialogProc
AboutDialogProc
AboutDialogProc

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE