c878a396e7a74ca5fad6215f80ac8118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c878a396e7a74ca5fad6215f80ac8118
Size

747KB
MD5

c878a396e7a74ca5fad6215f80ac8118
SHA1

4429061b1e6366afbbd33e069c604f208d8173ca
SHA256

20ace7b3c97d7a5cbad2200d857f25ef2d6d9de19253c4821c9a854841036ac9
SHA512

b860eda4a4515cedcb221caa1960fbc7e871c7ca8c128fceb0e52a83757f842224f460103bea2d3ad3703960acc92eb43224dac47734a2803fa30f0fe44bcf0e
SSDEEP

12288:fGfrtrWha3FSyBjQ6kHp+5dIXjcdq0DvYQ0qNroQSYUJMzl7sdUzxsbJQjlkjEdm:OfdWwFlJwJ+AXjWB7jNUQSBJ4uGxEGOr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c878a396e7a74ca5fad6215f80ac8118

Files

c878a396e7a74ca5fad6215f80ac8118
.exe windows:4 windows x86 arch:x86

ae82f86f349e8f0dcc799b89c75dbc43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
ExitProcess
WriteConsoleW
CreateMutexA
ReleaseMutex
HeapSize
SetLastError
ResetEvent
GetCommandLineW
GetEnvironmentVariableW
GetFileAttributesA
SetEvent
RemoveDirectoryA
GetTickCount
GetModuleHandleA
ClearCommBreak
OpenProcess
VirtualAllocEx
DeleteFileW
CreateFileA
GetStartupInfoW

user32

DispatchMessageW
PeekMessageA
GetClassInfoA
FillRect
GetDC
DispatchMessageW
GetDC
CallWindowProcW
FindWindowA
GetWindowLongA
GetDC
GetCursorInfo
GetSysColor

mciseq

DriverProc
DriverProc
DriverProc
DriverProc

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ