c36aaca55d323b220c51e97403109783 | Triage

Sharing

General

Target

c36aaca55d323b220c51e97403109783
Size

239KB
MD5

c36aaca55d323b220c51e97403109783
SHA1

963ec5739708c8a4663c42b5dec3d7029b086780
SHA256

55bd622a18d6d97d9ad2613d6b15991c5ae1444068f2ea1350005699b4cf7073
SHA512

f2d9654a930faa8425d8b8e7309e6172b704ea9d64b09106eeae602a2fa2fae15f8e0927a5255cf81c3bd9c7a54e1ab1672d7ae01261a43316395509b57550d0
SSDEEP

3072:Ishel/y+zsKfHtI5r6IgIAmG/OCtCgUPa9Ef0zS8By+crMyww+K5iF4oq:Isk/yuV/m5mIpG9tCgQa9KqSBoOZ5oq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c36aaca55d323b220c51e97403109783

Files

c36aaca55d323b220c51e97403109783
.exe windows:4 windows x86 arch:x86

4b1c20833adbb2a15785bb3abe4a5d3e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
CloseHandle
GetCurrentDirectoryA
GetConsoleAliasA
GetLocalTime
FindClose
FindNextFileA
FindFirstFileA
EnumResourceLanguagesA
WideCharToMultiByte
ReadFile
WriteFile
SetFilePointer
GlobalHandle
IsDBCSLeadByte
GetModuleHandleA
VirtualProtect
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess

user32

SendDlgItemMessageA
IsDialogMessageA
SetWindowTextA
GetWindowRect
GetWindowPlacement
SystemParametersInfoW
CallWindowProcA
DefWindowProcA
PtInRect
DeferWindowPos

oleaut32

DispGetIDsOfNames
DispGetIDsOfNames
SafeArraySetIID
CreateErrorInfo
SafeArrayAllocDescriptorEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

comdlg32

GetFileTitleA

oledlg

OleUIBusyA

Sections

.text
Size: 139KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE