10cd60021299ba515a110e8d2baa6b75 | Triage

Sharing

General

Target

10cd60021299ba515a110e8d2baa6b75
Size

183KB
MD5

10cd60021299ba515a110e8d2baa6b75
SHA1

9a1193f6d32fe52d1423ace22d16dc78c90bcc87
SHA256

5ed8421f525bc4d15f5d1e36848109f2497dc4fec5f1e07c91c946db34f8d1c9
SHA512

c1ff13b91ccb49187250d9fd0dcee6a95f16c37b1e0f5f2f685e7265799556d6527048648e224fa132d24a49e4b6afd8196cf91a7b863d9be1b8b0ecc0a6fd45
SSDEEP

3072:jvR/qQmAw0pYlkKbgd5l2dXPpF2TO6DUo2wo+5vzbXcFMc976VkJbvVIte:jRCQw0pokVn2dvgO6DUGvMb976VkJ5D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10cd60021299ba515a110e8d2baa6b75

Files

10cd60021299ba515a110e8d2baa6b75
.exe windows:4 windows x86 arch:x86

6abe991b3a4c7dd20510649e90f86e1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNameW
VirtualQueryEx
InterlockedExchange
GetMailslotInfo
GetShortPathNameW
BackupWrite
PeekConsoleInputA
CreateMailslotW
WriteProfileSectionA
GetCPInfoExA
DisableThreadLibraryCalls
GetCommMask
LoadLibraryW

user32

SetWindowWord
GetWindowModuleFileName
DrawStateA
TrackPopupMenuEx
LoadLocalFonts
SetRect
SetMenuItemInfoW
CreateWindowExA
InsertMenuA
CountClipboardFormats
IsWindowUnicode
GetKeyState

shell32

SHGetFileInfo
SHGetSpecialFolderPathW
SHGetDataFromIDListW
StrRChrW
Control_RunDLLW
DragAcceptFiles
StrNCmpA
Control_RunDLL

Sections

CODE
Size: 9KB - Virtual size: 810KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 170KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ