c54239200085d1d12460472a50228fcd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c54239200085d1d12460472a50228fcd
Size

305KB
MD5

c54239200085d1d12460472a50228fcd
SHA1

09aff6080e6e8b6c6dd869e4a06b8efaef86e99a
SHA256

6c7736af9457e0068eb3b81f262dfae926043735aafebce18c32dcae3bdc32b1
SHA512

42c12cf35a5b3f8172325e3b4b3753fc7a55b72c5647149de03d1f01e0677d5568c7ab0b1d2d02b895f6160ac21d290f914344e6ecb78d0fad05fd87a9b314d0
SSDEEP

6144:lJIJsBuFDkJXKEjfy2csKWUvLvIdvhZjfRsmrbA:lJIe8FDqjfy2b1c6fRPrbA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c54239200085d1d12460472a50228fcd

Files

c54239200085d1d12460472a50228fcd
.exe windows:4 windows x86 arch:x86

a38184858cd0de0f6ad038d6df6ce316

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
FindAtomW
WaitForSingleObject
SetLastError
CreateFileA
EnterCriticalSection
DeleteAtom
ReadFile
GetFileSize
SetEndOfFile
SetFileAttributesW
GetCommandLineA
DeleteFileA
HeapSize
GetVersion
GetEnvironmentVariableA
CloseHandle
ExitProcess
VirtualAlloc
GetModuleHandleA
GetStdHandle
GetFileAttributesA
GetCurrentDirectoryA
IsBadReadPtr
SuspendThread

cryptui

WizardFree
CryptUIWizDigitalSign
CryptUIWizBuildCTL
WizardFree
DllUnregisterServer
DllRegisterServer
LocalEnroll
CryptUIWizImport
LocalEnrollNoDS
CryptUIDlgViewContext
CryptUIStartCertMgr
CryptUIDlgFreeCAContext
CryptUIWizExport

uniplat

UmPlatformInitialize
UmPlatformInitialize
UmPlatformInitialize
UmPlatformInitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ