c120cb136c97410be3b34d99b59194cc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c120cb136c97410be3b34d99b59194cc
Size

15KB
MD5

c120cb136c97410be3b34d99b59194cc
SHA1

bf6b696aa79d2429a380137105c12ed1dd6003db
SHA256

26bafca90e9f13e2434762f346db721c705ae4df47f707add88c2172e8b74fde
SHA512

9d30824002876b35dfdda8da8e22c3434568c2743a430721f04ea00e8c5e4db1a291d21ee7c141c167624a1548a1cf72995079f2fc3a3c758ce38d757da6dfa7
SSDEEP

384:KMezfE76A5kN2dPqWbnsMFTWvWXeq0dXXP:KfzO75kwPoqTWMUXP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c120cb136c97410be3b34d99b59194cc

Files

c120cb136c97410be3b34d99b59194cc
.dll windows:4 windows x86 arch:x86

598ea1d1906465714cc3df4a42412f43

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

WaitForInputIdle
PostMessageA
MessageBoxExW
IsMenu
GetKeyboardLayoutNameA
GetForegroundWindow
DefDlgProcA
DdeCreateDataHandle
DdeCmpStringHandles
CallWindowProcW
wsprintfA

kernel32

lstrlenA
lstrcatA
_lwrite
_lread
_llseek
WriteConsoleA
SystemTimeToTzSpecificLocalTime
SleepEx
AddAtomA
Beep
BeginUpdateResourceA
CloseHandle
CreateFileA
CreateThread
DeleteAtom
DeviceIoControl
ExitProcess
ExitThread
FillConsoleOutputCharacterA
FlushViewOfFile
GetFileSize
GetLastError
GetProcAddress
GetProcessHeap
GetProcessHeaps
GetStdHandle
GetSystemTime
GetTickCount
HeapAlloc
InitAtomTable
LoadLibraryA
LoadLibraryExA
OpenMutexA
RtlMoveMemory
Sleep

gdi32

GetGlyphIndicesA

comdlg32

GetOpenFileNameA

Exports

Exports

cooils

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ