calc[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

calc.exe
Size

93KB
MD5

08fb0153859914001289060224eb9bd8
SHA1

c23f53e5442ae314f19433260a618e4829a4113f
SHA256

5cf4d67b6dd6e9c95a8d04e69f40efb67151050a08a2ef6b70490570bbc0cde1
SHA512

295d299124521ec8719b7e208b4eb4216f60ef2d46564058c1c1d891e36af3eff3c725b8df4cd2efdf3251cadd9b530e1e537de46afa5e9d2004dd3f19680ac5
SSDEEP

1536:PfYaM+/wXAruBGjFrR6e6MVAo8z0Y2T/xPFES3xVMgwGGG1:HYaMEwQ4GjFrAMVAPzUaS3EgSG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
calc.exe

Files

calc.exe
.exe windows:4 windows x86 arch:x86

f7ef56e6228ff7a3c1a92b5145c7c592

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

ShellAboutW

kernel32

Sleep
WriteProfileStringW
GlobalUnlock
GlobalLock
GlobalSize
lstrcmpW
GlobalFree
GlobalAlloc
GlobalReAlloc
GlobalCompact
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
lstrcatW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
HeapCreate
WriteFile
RaiseException
LCMapStringA
LCMapStringW
HeapFree
HeapAlloc
GetProcAddress
LoadLibraryA
GetStringTypeA
GetStringTypeW
lstrlenW
GetProfileStringW
LocalAlloc
LocalReAlloc
lstrcpyW
GetProfileIntW
GetTickCount
LocalFree
FreeEnvironmentStringsA

gdi32

DeleteObject
SelectObject
SetTextColor
SetBkMode
GetTextExtentPointW
TextOutW
GetStockObject
GetTextMetricsW
GetDeviceCaps
SetBkColor

user32

DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsDialogMessageW
GetMessageW
LoadAcceleratorsW
SendMessageW
CreateWindowExW
UpdateWindow
ShowWindow
CheckRadioButton
ReleaseDC
GetDC
GetWindowRect
CreateDialogParamW
MessageBoxW
LoadStringW
RegisterClassExW
GetSysColorBrush
LoadCursorW
LoadIconW
SetDlgItemTextW
GetDlgItem
FillRect
SetRect
CheckMenuItem
GetSubMenu
GetMenu
SetWindowPos
MapDialogRect
InvalidateRect
SetFocus
IsIconic
GetSysColor
MessageBeep
CharUpperW
DrawFrameControl
GetClientRect
ShowCursor
SetCursor
EndPaint
DrawEdge
BeginPaint
EnableWindow
WinHelpW
CloseClipboard
GetClipboardData
OpenClipboard
SetWindowTextW
DestroyMenu
TrackPopupMenuEx
LoadMenuW
DefWindowProcW
GetDlgCtrlID
PostQuitMessage
DestroyWindow
ScreenToClient
ReleaseCapture
SetCapture
EnableMenuItem
IsClipboardFormatAvailable
CheckDlgButton
SetDlgItemTextA
GetWindowTextW
wsprintfW

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7ef56e6228ff7a3c1a92b5145c7c592

Headers

File Characteristics

Imports

shell32

kernel32

gdi32

user32

Sections

.text Size: 73KB - Virtual size: 72KB

.data Size: 5KB - Virtual size: 6KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 73KB - Virtual size: 72KB

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 5KB - Virtual size: 5KB