c0c380f7227fb5fbe506b6a3e581a5cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0c380f7227fb5fbe506b6a3e581a5cb
Size

37KB
MD5

c0c380f7227fb5fbe506b6a3e581a5cb
SHA1

c9aa7890a8bf79325cf6318d6c2baa09a13fb5e2
SHA256

a77c73feaf3ef1441dd36d13beb56a72ca4e938501d1744bc70810e772f74768
SHA512

852ac1c057748b3443fec96425778ebb1a0726284bc9ea5721c613343402ed6aad104d5ac02e95234f8f866e1f4220e87b6d99e1d8b65fa9fb9e2f2e2912b0cc
SSDEEP

768:14W/RM68iE+Ur8ugw/lQxEW9gE8DvCfAgGjPFlCasZNv1:141zirUgkUESd8DvCfAgGjPFlCT/v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0c380f7227fb5fbe506b6a3e581a5cb

Files

c0c380f7227fb5fbe506b6a3e581a5cb
.exe windows:4 windows x86 arch:x86

8007433fdca8180c24e4b2573e3b2002

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlFindMostSignificantBit

user32

SetDebugErrorLevel
GetSysColorBrush

ole32

CoImpersonateClient
OleSave

gdi32

GetTextColor
PatBlt
PathToRegion
PaintRgn
RemoveFontMemResourceEx
SetICMProfileA
InvertRgn
GetRandomRgn
StrokePath
StartDocW
CreateBitmap
CreateHatchBrush
CreateRoundRectRgn
EnableEUDC
FrameRgn
GetClipRgn
GetFontData
GetLayout
GetTextAlign
SetTextCharacterExtra

comctl32

ShowHideMenuCtl

activeds

ADsBuildEnumerator

rasapi32

RasGetConnectStatusW

shell32

SHGetFileInfoW
SHFindFiles

dsprop

PostADsPropSheet

oleacc

AccessibleObjectFromPoint

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 578B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ