1aca91552b60555395e0bb2ccb77d07e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1aca91552b60555395e0bb2ccb77d07e
Size

18KB
MD5

1aca91552b60555395e0bb2ccb77d07e
SHA1

4daeb6d6e1f3bbed8b5b69d357b683196e0cf411
SHA256

0c1001132827229bbb37a63d337274722974cdb5d60d2f15aba376ad4f3f228d
SHA512

b3b3c8623a0bc097b9bee68c95f2c675ac4e4e5732d527c1f772c93e4c82fa6a83e5608f5c7db329b571f2b57cc12991da1c96168c519cce3badd6804e461546
SSDEEP

192:34JvprBy34dJZp9ckEiLtTyczjDoyLn9CZz6br9fJr6OCmqXJjkogCEIjC+j6n+o:347dekEiLtycjoi90P9jC+jvo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aca91552b60555395e0bb2ccb77d07e

Files

1aca91552b60555395e0bb2ccb77d07e
.exe windows:4 windows x86 arch:x86

3bc0f32d0d19730ccc8787bed0f29a88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenSemaphoreA
GetTimeFormatA
GetCurrentThread
GetModuleHandleA
LoadLibraryA
HeapCreate
GetStdHandle
HeapDestroy
InterlockedExchange
FlushFileBuffers
IsDebuggerPresent
GetThreadPriority
GetCurrentProcess
GetACP
FormatMessageA
VirtualProtect
DeleteAtom
GetExpandedNameA
WriteConsoleA
GetEnvironmentStringsA
GetCurrentProcessId

user32

GetCursorPos
ShowWindow
GetParent
DrawTextA
SetForegroundWindow
GetClassNameA
EndPaint
ValidateRgn
DragDetect
ReleaseDC
wsprintfA
FillRect
GetDlgItem
GetWindow
BeginPaint
SetActiveWindow
FrameRect
GetFocus
GetWindowTextLengthA

advapi32

RegCreateKeyA
RegEnumKeyA
RegFlushKey
RegQueryInfoKeyA
RegCloseKey

clbcatq

CoRegCleanup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ