c0f43a0364a1117faca906fc0abbf117 | Triage

Sharing

General

Target

c0f43a0364a1117faca906fc0abbf117
Size

197KB
MD5

c0f43a0364a1117faca906fc0abbf117
SHA1

3eb52598ba5af71a5bc5727eac004448efe22fe3
SHA256

6b26c756d1bead1549dfb5c1f15ebc30948036ec17e8b9725bc330dd3a371d62
SHA512

b728902588573f30e58a784b22c011726084e9873ea543db5a7112fd82791a23322da8d1e3b1726f22f6e1eef47948ae362b8e006772e7c584122d1b4782108b
SSDEEP

6144:2m4/tWpwkKFk+07u+v6kyOi4EBVXJsy0CPl:2m4/0pwlu5byO0BVXJt0ql

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0f43a0364a1117faca906fc0abbf117

Files

c0f43a0364a1117faca906fc0abbf117
.exe windows:5 windows x86 arch:x86

e9d08bf5741782b10ec0ff0b6cac05e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\CepsalIleaoikophefTifflakhiodloo\xissynfelifeuPitsRadsainAyindloo\LipeGatsGunkAlaeHalejoorsyindloo.pdb

Imports

shlwapi

PathIsDirectoryEmptyW

advapi32

LookupAccountNameW
CryptDecrypt
CryptHashData
CryptDestroyKey
OpenSCManagerW

gdi32

GetNearestPaletteIndex
CreateSolidBrush
Ellipse
CreateDIBSection
SetViewportOrgEx
SetWindowOrgEx
RemoveFontResourceW
DeleteObject

user32

GetDlgCtrlID
TileWindows
InvalidateRect
SetTimer
CharUpperW
EndPaint
DispatchMessageA
MapWindowPoints
GetForegroundWindow
CharPrevA
ShowScrollBar
SetScrollPos
IsCharLowerA
GetDCEx
AdjustWindowRect
RemovePropW
CharToOemBuffA

kernel32

FoldStringW
WaitForSingleObject
lstrcatW
GetDateFormatA
SetTimerQueueTimer
lstrcpynW
GlobalLock

Exports

Exports

EnumTextA@16
AddFileA@4
FreePointA@12
RemoveDeviceNew@12
ModifyVersionNew@16

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ