c4e60f80561687c0500a397b1cf138cb | Triage

Sharing

General

Target

c4e60f80561687c0500a397b1cf138cb
Size

88KB
MD5

c4e60f80561687c0500a397b1cf138cb
SHA1

006d146578c0124c2e40d263945c23f1eb43c0fb
SHA256

3851bf54d6b76587d07bd14017fb6f023faba360f379242d7f244e2ed71c7c6b
SHA512

ab85f804a0678297d461409010f07fe0ea021ca519314eab0a8b721e964cef9c6e6d305c8c27ec150fd7d75f28262bdbfd2e578e0331023f98ed2917a709ef6a
SSDEEP

1536:0ioISy8tYIZWrJeHOa+ht4v7mBTIwJAIxSBSW2BgULx6rjxfC:7oISxYqWrJeHj+cLw2IEAW2B16xfC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4e60f80561687c0500a397b1cf138cb

Files

c4e60f80561687c0500a397b1cf138cb
.dll windows:4 windows x86 arch:x86

a072cb4161f58f055b7cf5fc4e9e3731

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowCaret
SetFocus
LoadAcceleratorsW
GetDC
DrawStateA
DrawMenuBar
DrawCaption
DestroyWindow
CreatePopupMenu
CreateAcceleratorTableA
CopyRect
CharToOemBuffA
CharPrevA

kernel32

LeaveCriticalSection
lstrcatA
TlsAlloc
RtlUnwind
ReadFile
InitializeCriticalSection
GetPrivateProfileStringA
GetModuleHandleA
GetLastError
FreeResource
CompareStringA
lstrcpynA
lstrcmpiA
lstrcmpA

oleaut32

OleLoadPicture
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCreate
SysFreeString
SysStringLen
VarBstrCat
GetErrorInfo

Sections

.text
Size: 21KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ