c615dcaf90fd79221f7b8ce18d010612 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c615dcaf90fd79221f7b8ce18d010612
Size

7KB
MD5

c615dcaf90fd79221f7b8ce18d010612
SHA1

aa6046da59fb64c5e8feb0f60061921c9bbe6026
SHA256

23e8ccf6c688eed1a93d16ad363bf10bc89f51f7ce30fd354f33546cb74317d8
SHA512

6f779e2fc1c711791d062aae8e8d09ed9408c9eb40596d6021dc99a0658122f1e4fd128860da42b21eaf0e5b6bc24fa02ad67c2f1453d3427961f0e63f55733d
SSDEEP

96:UPCmI8UgUCSuPFjt74GqjMr+9TgauIEUCZRzWvSugttrDQoxS9h/AOb/:U6D83UCSa1larEF3WUttXQoxSvAO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c615dcaf90fd79221f7b8ce18d010612

Files

c615dcaf90fd79221f7b8ce18d010612
.exe windows:4 windows x86 arch:x86

2bba0995e859151e9b91a3911378dc2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
WaitForSingleObject
SuspendThread
SetEndOfFile
IsBadReadPtr
GetFileSize
DeleteFileA
ReadFile
GetFileAttributesA
GetStdHandle
HeapSize
DeleteAtom
FindAtomW
VirtualAlloc
ExitProcess
SetFileAttributesW
GetCurrentDirectoryA
SetLastError
GetModuleHandleA
CreateFileA
CloseHandle
GetCommandLineA
GetVersion
GetEnvironmentVariableA
SetLastError

cryptui

WizardFree
DllUnregisterServer
WizardFree
LocalEnrollNoDS
CryptUIWizExport
DllRegisterServer
LocalEnroll
CryptUIWizDigitalSign
CryptUIStartCertMgr
CryptUIDlgViewContext
CryptUIWizImport
CryptUIDlgFreeCAContext
CryptUIWizBuildCTL

winrnr

NSPStartup
NSPStartup
NSPStartup
NSPStartup

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ