c0690e4030497063d9fd2458342e51c4 | Triage

Sharing

General

Target

c0690e4030497063d9fd2458342e51c4
Size

283KB
MD5

c0690e4030497063d9fd2458342e51c4
SHA1

8539153127ef8c4b66d1f32eac3287d1330909d4
SHA256

0b8ca390bfe4081e501c56c11333e8f9166dd38ed4450baea1e24ec13113e5f2
SHA512

6d69f7ff1a8a1e13e44f944f58977172e5ac0ed9f54198dc3ef8baf910634fc1ae7662de59c8c44591088783edc7075b7f14bc50d4a59eac3169343bbc5f4c38
SSDEEP

6144:egE77wwf+FkQmMJ7oesWx0yJAVu5jA3PSsmAFZ3YNvoZwIany:eb7PgTmMm3pYUu5s3PSsmAbTwy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0690e4030497063d9fd2458342e51c4

Files

c0690e4030497063d9fd2458342e51c4
.exe windows:4 windows x86 arch:x86

6ffa38e447ece5760604778bb4edeb8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetStdHandle
LoadLibraryExA
GetCurrentProcess
GetACP
DeleteAtom
GetEnvironmentStringsA
HeapDestroy
GetCurrentThread
GetLogicalDrives
IsDebuggerPresent
GetCommConfig
CreateThread
GetTimeFormatA
GetModuleHandleA
GetThreadPriority
HeapCreate
CreateHardLinkA
VirtualProtect
CreateFileMappingA
InterlockedExchange

user32

DrawTextA
FillRect
GetClassNameA
GetWindowTextLengthA
BeginPaint
GetDlgItem
ReleaseDC
SetForegroundWindow
ShowWindow
EndPaint
GetTitleBarInfo
DragDetect
GetWindow
GetFocus
GetParent
wsprintfA
GetCursorPos
SetActiveWindow
FrameRect

advapi32

RegCreateKeyA
RegQueryInfoKeyA
RegCloseKey
RegFlushKey
RegEnumKeyA

clbcatq

CoRegCleanup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 972KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ