c11efbb39ace2d339196912deb78c211 | Triage

Sharing

General

Target

c11efbb39ace2d339196912deb78c211
Size

27KB
MD5

c11efbb39ace2d339196912deb78c211
SHA1

7051bfd9b1a27d5ff3f204ddd3e18af6d05d5383
SHA256

2fed0eb15ffd44ee9b1503747ea8be3b725dd910c71be57e3af84ddedf8e19fb
SHA512

72b92671629059ccb3ca8fbd9bcceb7406d867ce397b742a29f59b0053ff87d15af47d3ee7fa65172c4776a500b9e61b9fae247f96b18c333b711d9315e6f92f
SSDEEP

384:l9Lx3GpHRTLSF3EyZAOt9252lCnM/lGakpe9NXDUDM1qjW7PykJPa:z89SF39RtE52kelBfPXQMHqkJPa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c11efbb39ace2d339196912deb78c211

Files

c11efbb39ace2d339196912deb78c211
.exe windows:4 windows x86 arch:x86

525a7adc97148f69e263cbcfc81e9c62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextA
CreateIcon
GetDlgItem
GetMenu
GetDC
CloseWindow
DrawIconEx
DialogBoxParamA
CopyImage
CopyIcon
CopyRect
GetCursor
DrawIcon
InsertMenuA
LoadCursorA
DialogBoxParamW
LoadMenuA
DrawTextW
GetWindowTextLengthA
GetFocus
EndDialog
IsMenu
IsWindow

kernel32

GetStartupInfoA
GetCPInfo
GetStringTypeW
SetFilePointer
MultiByteToWideChar
WriteFile
GetVersion
LCMapStringW
lstrcpynA
GetStdHandle
TerminateProcess
GetCommandLineA
GetACP
GetModuleFileNameA
GetFileType
CreateFileA
GetStringTypeA
SetHandleCount
lstrcatA
GetOEMCP
lstrcpynW
GetCurrentProcess
lstrcpyA
LCMapStringA

comctl32

MenuHelp
CreateStatusWindowW
ImageList_GetIconSize
ImageList_Create
ImageList_GetIcon
CreateToolbar
ImageList_DragEnter
ImageList_AddIcon
CreateToolbarEx
ImageList_Add
CreateStatusWindow
ImageList_LoadImageW
CreateUpDownControl

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ