f853d41daa68bbf93d36f12436da9fe2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f853d41daa68bbf93d36f12436da9fe2
Size

392KB
MD5

f853d41daa68bbf93d36f12436da9fe2
SHA1

eb9469e5adc3e64fcbafa2630fd67777f6a4dda4
SHA256

4bfd6de20b21177fff6674445c2cbc07e7f0812c6ec0d74a3b0106744e51594d
SHA512

a1652ccca33d3d0db0ef2e43a50157c1b0dd7165b289a16cff049cc678f480ad0d5c5620d5d06b192c335bc38f168226a9b06db00d585c48ddf1c0d401190b69
SSDEEP

6144:2K1wG0fljKQIZhzc7HVHtf5vuyh+ajZCsuAMXMzFHCD/yr07oAH4qCiAvE:2K/ApUvsfRh+ajZCBAMXoUK0VHPMvE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f853d41daa68bbf93d36f12436da9fe2

Files

f853d41daa68bbf93d36f12436da9fe2
.exe windows:4 windows x86 arch:x86

6a1ffc57a51a4c26e7049625af3befbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
CreateFileA
HeapDestroy
ReleaseMutex
HeapCreate
CreateMutexA
GetACP
FindClose
GetLastError
GetModuleHandleA
TlsGetValue
GetProcessHeap
LoadLibraryExW
SetLastError
UnmapViewOfFile
SetConsoleCursorInfo
ExitThread
LocalUnlock
GetEnvironmentVariableA
FindResourceA

user32

IsWindow
GetFocus
CopyRect
GetDC
DrawMenuBar
CallWindowProcA
GetDlgItem
FillRect
DrawEdge
DispatchMessageA
DefWindowProcW
GetIconInfo
CheckRadioButton

uxtheme

DrawThemeIcon
GetThemeSysInt
GetThemeRect
DrawThemeText
DrawThemeEdge

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ