c862f2b0f5aba3809efa1ac3735e62f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c862f2b0f5aba3809efa1ac3735e62f0
Size

717KB
MD5

c862f2b0f5aba3809efa1ac3735e62f0
SHA1

c660faaaf3f4125610c0983b667930b9653a3e01
SHA256

87ecf96bf4838bdec79f04618de287de1f333220e6d684755c665dca1e6f9045
SHA512

28f5a7a8d34bd4300365974b24a35831ad7cfb647bc5c1bd59605c4d7a42a29a8c6dc800a46da712419a65f6aa90dd6115d6d882ab25128c8bc75c15d5e7bf25
SSDEEP

12288:VUDXZce5tzhzqSUk+8Ppr6oQGDI1GC63MPfZOAnPCcKgtynEe0tKkV/:Cee5tzA50QxGcGV3MPfZKpgtyTo/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c862f2b0f5aba3809efa1ac3735e62f0

Files

c862f2b0f5aba3809efa1ac3735e62f0
.exe windows:4 windows x86 arch:x86

45686c31b194fa81fe79cf29f92416f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
HeapReAlloc
FindAtomA
LoadLibraryExA
VirtualProtect
CompareFileTime
ResetEvent
GetProfileIntA
GetAtomNameA
InterlockedExchange
GetACP
WaitForSingleObject
GetTickCount
SetEvent
lstrlenA
HeapWalk
GetModuleHandleA
GetVersion
GetConsoleCP
CloseHandle
GlobalUnlock

user32

GetMenuStringA
TranslateMessage
InsertMenuA
DialogBoxParamA
ModifyMenuA
ShowWindow
InflateRect
GetParent
GetKeyboardLayout
DestroyMenu
GetWindowLongA
SetPropA
PostMessageA
EqualRect
PostQuitMessage
GetScrollRange
SetSysColors
MessageBoxA
UpdateWindow
LoadIconA
ScrollDC
GetMenu
SetWindowPos
GetDlgItem
EnableScrollBar
DispatchMessageA
GetSubMenu
GetWindowTextA
CopyRect

msi

MsiEnumProductsA
MsiEnumClientsA
MsiDoActionA
MsiCloseHandle
MsiGetMode

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ