Static task: static1
Behavioral task: behavioral1
Sample: 1cae385823e89f71a134f586cf66d4ae.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 1cae385823e89f71a134f586cf66d4ae.exe
Resource: win10v2004-20231215-en
General
Target: 1cae385823e89f71a134f586cf66d4ae
Size: 18KB
MD5: 1cae385823e89f71a134f586cf66d4ae
SHA1: 54f808e0383a971417b2b613bd09de94b6b2a1d7
SHA256: 6becbcf1370b5c8464b94b80ead40b7d87a8e0d938338e9a2738f2eb8b11d464
SHA512: f1a4d6045ac7b1952add9e62ef2550536ca2af84cd9cdedc1e574b4727135df5dafa11d9c14d1eb32a37fb71d90eeb9bef412a39817705dbdd2d2b06dad00345
SSDEEP: 384:rEYcs/6mDKt3lItlN/rhSiDq5QQKcul0szto:rjcs/6TtaFYG9l0
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 1cae385823e89f71a134f586cf66d4ae
Files
1cae385823e89f71a134f586cf66d4ae.exe windows:4 windows x86 arch:x86
9f450966ff746f7074df7b77b5b69b99
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEvent
CreateEventA
GetFileAttributesA
lstrcatA
GetProcAddress
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleA
CloseHandle
lstrcpyA
lstrlenA
SetFilePointer
LoadLibraryA
RtlUnwind
ExitProcess
CreateThread
WaitForSingleObject
GetVersionExA
WriteFile
ExitThread
GetTempPathA
CreateFileA
user32
wsprintfA
DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
ShowWindow
CreateWindowExA
SetThreadDesktop
CreateDesktopA
CharToOemA
BeginPaint
IsWindow
CloseWindow
Sections
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ