c531246e7d0c0b90a9f15178127c70ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c531246e7d0c0b90a9f15178127c70ca
Size

32KB
MD5

c531246e7d0c0b90a9f15178127c70ca
SHA1

5945720b5817144207e7386ae77ef46a8d587fc7
SHA256

1e4876b82d8cec28cd0f28cae1d7c94481f6f2456e6f8054cf78676396cd3d45
SHA512

141c79c76956becbab2ff39ef2f64d111a39b815c62935c34ebed2fe0ecc68dc3bb157a6fe5cda01eb9997d829946868b9a553edfb9c6063cda63d5df31a6ced
SSDEEP

768:4u/2y5t+qE1zgmrhJ3ozQ1kbgD/w+6/KQ+OqKeXrNPB:52y5t+qaUmrhJ4U1vDI+6/KeLeXZZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c531246e7d0c0b90a9f15178127c70ca

Files

c531246e7d0c0b90a9f15178127c70ca
.exe windows:4 windows x86 arch:x86

54ff726038858e6f9ad7c9e0fadaf573

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleCreateDefaultHandler
OleGetIconOfFile
CoTreatAsClass
CoRegisterClassObject
OleCreateFromFileEx
CoAddRefServerProcess
OleSetClipboard
BindMoniker
CoRevokeClassObject
OleCreateLink
CoGetTreatAsClass
CoResumeClassObjects
CoRegisterPSClsid

ulib

??0LONG_ARGUMENT@@QAE@XZ
??0SCREEN@@QAE@XZ
?IsInSetup@MESSAGE@@UAEEXZ
??0SORTED_LIST@@QAE@XZ
??0CONT_MEM@@QAE@XZ
??0TIMEINFO@@QAE@XZ
?DisableLineMode@KEYBOARD@@QAEEXZ
??1HMEM@@UAE@XZ
??0LIST@@QAE@XZ
??4OBJECT@@QAEAAV0@ABV0@@Z
?SetDotsOnly@MESSAGE@@UAEEE@Z
??1PATH_ARGUMENT@@UAE@XZ

ntdll

RtlUpcaseUnicodeStringToOemString
ZwTerminateJobObject
RtlCreateUserSecurityObject
ZwQueryInformationFile
RtlAllocateHandle
ZwQueryQuotaInformationFile
NtQueryInformationJobObject
NtRequestPort
_CIpow
RtlOemStringToUnicodeString
NtDuplicateObject
NtOpenSection
ZwOpenThread
RtlGetFullPathName_U

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE