9c042b95c0e388e20d96e0695411a614 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9c042b95c0e388e20d96e0695411a614
Size

58KB
MD5

9c042b95c0e388e20d96e0695411a614
SHA1

49e8e304700fa2d9b98f2489e7f9a2076a308ff2
SHA256

c40fd7db7fc35c71ca83a32424958748091ca019ab42f13c12b7091bf031c18d
SHA512

c9ad88980739818ad43c01f224fcda83020c7d3d3e2d9a17fbf553101c3d74e494763fb7ce99fb763c36a27c4d1b691eeb6ed9f1f62373b786a8720cf609c0bc
SSDEEP

1536:0lL8zgoSvf4tl8M4B3Tsi1/kV9yykz976JHE3w2E3iQkQfDq1M3Eg+UEY9X:058s3gL8M4lsi1/kr2976lV2yfDqJg+u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c042b95c0e388e20d96e0695411a614

Files

9c042b95c0e388e20d96e0695411a614
.exe windows:4 windows x86 arch:x86

233d43c85d3e6d8c909589d1c7274413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetCursor
LoadImageA
GetMessageA
DrawTextA

kernel32

SetEndOfFile
lstrcmpA
WriteFile
VirtualAlloc
TlsSetValue
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
Sleep

ole32

CoInitializeSecurity
OleCreateLink
WriteClassStg
CoGetCurrentProcess

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

code
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE