Static task: static1
Behavioral task: behavioral1
Sample: c5ac632e1f15873bd8d0ff3b44e34cc8.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: c5ac632e1f15873bd8d0ff3b44e34cc8.exe
Resource: win10v2004-20240226-en
General
Target: c5ac632e1f15873bd8d0ff3b44e34cc8
Size: 838KB
MD5: c5ac632e1f15873bd8d0ff3b44e34cc8
SHA1: 4170c9416e4d70db448139cf13bf8a59ca1c9d8d
SHA256: a6bd72fe62869074dfba843df74b217602286c38a5a3f5a35d42483d27d66034
SHA512: 42011f26f48f31d280f317caff77ef2f3167a982114543ef6fef2b237014f6ae75963c30765eb0b61caa81de3efbc59b9d08d682d3c2962d04cd56b68cc91d79
SSDEEP: 12288:7593q1mA8AOrREUDF2DA5XMI5ldmjhd/lzCuss0LYp1JKIrVmbkC9v:75IcttrXDQEZnd0h3CusjYbJXJkP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c5ac632e1f15873bd8d0ff3b44e34cc8
Files
c5ac632e1f15873bd8d0ff3b44e34cc8.exe windows:4 windows x86 arch:x86
e6aa4e71c032e74470cc1ff30c641699
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  lstrlenA
  CreateThread
  UnmapViewOfFile
  CloseHandle
  SetEvent
  HeapCreate
  CreateThread
  GetModuleHandleA
  GetComputerNameA
  GetCurrentDirectoryA
  GetTickCount
  LoadLibraryW
  Sleep
  LocalFree
  LocalUnlock
  PulseEvent
  GetCommandLineW
  GetSystemTime
  SetLastError
  CreateFileA
user32
  FillRect
  GetScrollBarInfo
  SetFocus
  CreateWindowExA
  GetKeyState
  CallWindowProcA
  DrawEdge
  DrawMenuBar
  GetDC
  CheckRadioButton
  IsWindow
  DispatchMessageA
  GetDlgItem
clbcatq
  UpdateFromAppChange
  SetSetupSave
  DowngradeAPL
  CheckMemoryGates
  SetupOpen
desk.cpl
  InstallScreenSaver
Sections
.text Size: 6KB - Virtual size: 5KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 2.2MB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE