c7a98b6d54412db30947a175e28df45d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7a98b6d54412db30947a175e28df45d
Size

810KB
MD5

c7a98b6d54412db30947a175e28df45d
SHA1

bb9aefcdcc3c31270a204aa58c0a1040eb6fdf9c
SHA256

3f1e882e3f162d476d83702f308382b022266c1cbc0a7808008037a076411723
SHA512

bf356c7eac251adb4990b7403c166a7d60b1a326efbb21533ba8850ac10759f79b5953a294be626fe62471cf406b9f3ca021accc8ff3dd254e89cfe9d33f07c5
SSDEEP

24576:KiH9rXImSa+gLjzwLpNrTE3oGe2VYqJy:Ke9bDTDzkjTlGe2VYqM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7a98b6d54412db30947a175e28df45d

Files

c7a98b6d54412db30947a175e28df45d
.exe windows:4 windows x86 arch:x86

801531e5e3712bf564b7976fb4f4ee96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetTickCount
lstrlenA
GetModuleHandleW
GetPrivateProfileIntA
CreateFileA
TlsAlloc
FindAtomW
GetFileAttributesW
VirtualAlloc
GetLocalTime
ExitProcess
GetLastError
FindClose
TlsGetValue
MapViewOfFile
CloseHandle
GetStdHandle
GetComputerNameA
GlobalFree

user32

CallWindowProcA
DrawStateA
DispatchMessageA
FillRect
GetDlgItem
GetClassInfoA
CreateWindowExA
GetMenu
GetClientRect
EndDialog
GetCaretPos
CloseWindow
DestroyCaret

clbcatq

ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
DllGetClassObject

gpedit

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 801KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ