Static task: static1
Behavioral task: behavioral1
Sample: c08e97f44622d6310a8dba2d93c60e8b.exe
Resource: win7-20240221-en
General
Target: c08e97f44622d6310a8dba2d93c60e8b
Size: 384KB
MD5: c08e97f44622d6310a8dba2d93c60e8b
SHA1: d915c663a799f067e977e69137d1e46a336e96e3
SHA256: b2c8eef14e2ca8f58f5e7a57fe91abe85946b28964f0c2430dde3ce52a3525f0
SHA512: 097965fceb8dbfae47573fe23ac41086a4662cea20a0201b0844acb59ccc9ebba3f6ae97e6693a40ce323c7da07b57e77018ea1016d0a461451b48f2ab20601e
SSDEEP: 12288:lqlsHk5UTmMG4iSumoKIDIy8Fqdp5SaIaSNhlOH:szUTZuxIy8qdp57SC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c08e97f44622d6310a8dba2d93c60e8b
Files
c08e97f44622d6310a8dba2d93c60e8b.exe windows:4 windows x86 arch:x86
d0217f1408296b52d5c2fec84c4da16e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
ExitProcess
GetCurrentProcess
CreateFileA
LoadLibraryA
LCMapStringA
user32
SetWindowLongA
CloseWindow
CharLowerBuffA
wsprintfA
CreateWindowExA
advapi32
RegOpenKeyA
RegCreateKeyA
RegDeleteKeyA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueA
RegCloseKey
RegDeleteValueA
Sections
.text Size: 363KB - Virtual size: 364KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ