56d8c79401f1fc6ecd3c8f3195978358 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56d8c79401f1fc6ecd3c8f3195978358
Size

299KB
MD5

56d8c79401f1fc6ecd3c8f3195978358
SHA1

b2e8ec3272fb223605c4d4cec36f67f7a8d47794
SHA256

28d03e6c36e4ca1172df7a88933e6f9943e346123c4a882fc34f02b1f2199599
SHA512

d85457200f6949a4c5fc64e7cbcf8dab86d6fc7e066c2f4ad4356920d8d4231def18cb57f5446858025ce54dd1bb8982a6b6416471b16d49aadf2a3e25bd7985
SSDEEP

6144:oYbmWpN/oKsa/78BO18mB75w6kDQ0W9Y1ALPIEqTKBF5UDfo2ozqe6dV:oYlT/oKsa4Ep5w6NYhhTKBF0g2k6dV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56d8c79401f1fc6ecd3c8f3195978358

Files

56d8c79401f1fc6ecd3c8f3195978358
.exe windows:4 windows x86 arch:x86

f6e2320edb4d0f18c879523321aa8314

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
LoadLibraryW
CreateThread
CloseHandle
GetModuleHandleA
PulseEvent
lstrlenA
HeapCreate
CreateFileA
LocalFree
SetLastError
GetCurrentDirectoryA
CreateThread
GetSystemTime
LocalUnlock
SetEvent
Sleep
GetCommandLineW
UnmapViewOfFile
GetComputerNameA

user32

GetScrollBarInfo
DrawEdge
GetKeyState
CreateWindowExA
FillRect
DispatchMessageA
CheckRadioButton
GetDlgItem
IsWindow
SetFocus
GetDC
CallWindowProcA
DrawMenuBar

clbcatq

SetupOpen
DowngradeAPL
CheckMemoryGates
UpdateFromAppChange
SetSetupSave

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ