11cf0324f604eff1b52e4ec848127877 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11cf0324f604eff1b52e4ec848127877
Size

43KB
MD5

11cf0324f604eff1b52e4ec848127877
SHA1

5b1597e15eed7ef27b3ae4a2043b74caac3cd33d
SHA256

ccafe8a9cf7ef15ea6b07d4e2a9d89846021af0ba066115f53af2f0ae1adee54
SHA512

04b3b90bd6e50b2406958e5ba0885d2343267d4c925ba7cf397916947959019739363cd59dbb9f28c106ed6e43bdfb62752280b5ba424392b39df23a0189e879
SSDEEP

768:MkEaCZcgx8vmJQWkDLG5SrPPGCxyieRDf4uzGvuv8VN:HWa+XB0S4jPlz+Df/ar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11cf0324f604eff1b52e4ec848127877

Files

11cf0324f604eff1b52e4ec848127877
.exe windows:5 windows x86 arch:x86

e5517b2b08abe1c3347e90f339b33370

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
CreateMutexW
ReleaseMutex
lstrcmpiA
HeapFree
GetUserDefaultUILanguage
FindFirstFileW
SetThreadPriority
GetCurrentThread
MoveFileExW
lstrlenA
GetSystemTime
SetFileAttributesW
FindClose
SetLastError
HeapAlloc
CreateEventW
lstrcatW
UnmapViewOfFile
CopyFileW
WriteFile
ExpandEnvironmentStringsW
GetModuleHandleA
CreateProcessW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetModuleFileNameA
CreateThread
GetDriveTypeW
SetEvent
lstrcpynW

user32

SendMessageW
SetThreadDesktop

Sections

.bibal
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zub
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ahud
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ