4c0b94f3842e6ccdcb72350e7778ddb9 | Triage

Sharing

General

Target

4c0b94f3842e6ccdcb72350e7778ddb9
Size

809KB
MD5

4c0b94f3842e6ccdcb72350e7778ddb9
SHA1

cb3c108336b2cb1a5c601a16b50c6ce9bdc610b6
SHA256

97898c6ba97316b32f5816331d5012a2ff54f798a8e651fd1725ced2e3e32432
SHA512

a50a2db7c3e0889c4f0c2d7b3826b4e5da860c93931c6bf99d9995d48da2121f4e50e6281924faf694cbb50ab64b39d50b58f015e4b58511df07a47de52d3dd6
SSDEEP

12288:g8PSwRw6cmG/r6dE3Bods8JaxEWmZCI334vnuZSi+GcR1YMySuJ:7Swe61Kr/xKs8JWmt339Si0Tb0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c0b94f3842e6ccdcb72350e7778ddb9

Files

4c0b94f3842e6ccdcb72350e7778ddb9
.exe windows:5 windows x86 arch:x86

3e89916be545aa55c5f069811c264f04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
OpenMutexA
WriteConsoleW
GetStartupInfoA
SetLastError
TlsGetValue
SetLastError
GlobalFree
RemoveDirectoryA
ReadFile
CloseHandle
EnterCriticalSection
DeleteFileA
GetEnvironmentStringsW
CreateDirectoryW
CreateDirectoryA
OpenMutexA
VirtualProtect
Sleep
lstrlenA
GetTickCount
GetModuleFileNameA
CreateFileA
LoadLibraryA
GetFileSize

user32

MessageBoxA
CreateIcon
DispatchMessageA
PeekMessageA
GetWindowLongA
wsprintfA
GetSysColor
GetWindowLongA
IsWindow
IsWindowVisible
GetClassInfoA
DestroyMenu
IsZoomed

cmutil

??_FCIniA@@QAEXXZ
??1CIniW@@QAE@XZ
??1CIniA@@QAE@XZ
??_FCIniW@@QAEXXZ

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE