c31e667a68b8fa5d7ee9b52ecba52fd4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c31e667a68b8fa5d7ee9b52ecba52fd4
Size

18KB
MD5

c31e667a68b8fa5d7ee9b52ecba52fd4
SHA1

2b331327cb958c1ad7cd05d9a1bdb8adaf3257e2
SHA256

081dd636e79582633c2c258b3a7043eb7c42ef1122196f30423a4765d74b2901
SHA512

8dfbe837235e0a81d615c525cc70c8dfb63158de98cbdcd76a6f273225c3ec2048550b517e7c2320147f36338823cfd462daf300dcb17cabad852992e30c5101
SSDEEP

192:6bSlEH+JCawIaqn2sQ3YA9djh3wyDzjPhq+eeKIdU3rOvWt6m66h6EfJ:iDeVLPQ3NjVVzjJlehrRtR66DR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c31e667a68b8fa5d7ee9b52ecba52fd4

Files

c31e667a68b8fa5d7ee9b52ecba52fd4
.exe windows:4 windows x86 arch:x86

4c7d0bc5cd2b8e24a804078bc9e85687

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
LoadLibraryExA
HeapDestroy
GetModuleHandleA
GetACP
DeleteAtom
GetStdHandle
CreateFileMappingA
GetCurrentProcessId
GetThreadPriority
GetCommConfig
CreateHardLinkA
VirtualProtect
GetCurrentThread
InterlockedExchange
HeapCreate
GetLogicalDrives
IsDebuggerPresent
GetCurrentProcess
GetEnvironmentStringsA
GetTimeFormatA

user32

GetWindow
FillRect
DrawTextA
BeginPaint
ShowWindow
SetActiveWindow
DragDetect
ReleaseDC
GetFocus
GetWindowTextLengthA
FrameRect
GetParent
EndPaint
SetForegroundWindow
GetTitleBarInfo
wsprintfA
GetDlgItem
GetCursorPos
GetClassNameA

advapi32

RegEnumKeyA
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyA
RegFlushKey

clbcatq

CoRegCleanup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ