c456f6ee96cf68a7623ee1ea6c67943a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c456f6ee96cf68a7623ee1ea6c67943a
Size

100KB
MD5

c456f6ee96cf68a7623ee1ea6c67943a
SHA1

1e098fdad0977665e78cf813fd098f0fe8c3c93a
SHA256

39bfc4bf0e46b2dac094bc33c9678ec7f419ea72f2a781b4a9148a330efdc9b1
SHA512

e516a8bacff9ad8e5f29d791c8463b6672f186ecc3980c3100889f186badfc3c3555b1aecfe1ec11c0327270e66876c081f2857f6c2abf99cf0eb0280154abea
SSDEEP

1536:S1A6pWOkjoKP5P5htuaUAfWAQGNPAb1uBT7W9I91cjdqMyS53:S+64joKNUAfDhYbgkI9LS5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c456f6ee96cf68a7623ee1ea6c67943a

Files

c456f6ee96cf68a7623ee1ea6c67943a
.exe windows:4 windows x86 arch:x86

59a7cabee52dd3b26b0bd8a38f3e9fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
ResetEvent
EndUpdateResourceA
GetProfileSectionA
OpenFile
GetVolumePathNameA
GetStartupInfoA
GetConsoleAliasesA
OpenProcess
FindFirstFileExA
GetProcessIoCounters
FindClose
VerifyVersionInfoA
VirtualAllocEx
ExitProcess
PulseEvent
GetCommandLineA
GetConsoleKeyboardLayoutNameA
SetConsoleOutputCP
MoveFileWithProgressA

user32

DrawIcon
ClipCursor
MessageBoxA
SetTimer
SetDlgItemInt
CharUpperBuffA
ShowCursor
DragDetect
RegisterWindowMessageW
GetCursorFrameInfo
EnableScrollBar
CallWindowProcA
EnumDisplaySettingsExA
DrawEdge
SendNotifyMessageA
SetCursorContents
DrawMenuBarTemp
LoadKeyboardLayoutEx
GetKeyboardLayoutNameA
MapVirtualKeyExA

gdi32

LineTo
DeleteObject
PatBlt
StretchBlt

Sections

.textbbs
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 88KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ