c8ce1ade0fff5e15188e5a1d03b0ff07 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8ce1ade0fff5e15188e5a1d03b0ff07
Size

60KB
MD5

c8ce1ade0fff5e15188e5a1d03b0ff07
SHA1

506a1ad462cf354dc959c7af5622f84be5139dd2
SHA256

1a112a94334b46fd19498a44aa9d10f33997f5cfe5df2c996bea8aa8d22eba41
SHA512

3cc4ecaa6ca0bbd9d73e18b55b60c2ab4b2be2ba594c67c947532b4fffd0125198763a8fc8c1c02a730ed0efb661a2141dadd21b1ec518875ec32641c7c60b8b
SSDEEP

768:XifIaCf5TNo9uvw2VpUX3damvTCy0oeyxsT55tR+jjt8Q3G+kC4yGk:fbf5TNo9Gwtam7Nded55IzG+klyGk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8ce1ade0fff5e15188e5a1d03b0ff07

Files

c8ce1ade0fff5e15188e5a1d03b0ff07
.exe windows:4 windows x86 arch:x86

8667147110689d2c640d7f86a8a3b1d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
GlobalAlloc
CreateThread
WriteFile
QueryDosDeviceW
FindNextFileW
FreeResource
FindFirstFileW
FreeLibrary
lstrcpyW
LoadLibraryA
GetSystemTime
GetModuleHandleW
GetTickCount
GetProcAddress
LoadLibraryW
FindNextChangeNotification
ResetEvent
SetWaitableTimer
GetCurrentProcess
GlobalUnlock
GetFileAttributesExW

user32

GetWindowRect
DialogBoxParamW
IsDlgButtonChecked
WindowFromPoint
SetCursorPos
GetDlgItem
VkKeyScanW
UpdateWindow
SystemParametersInfoW
LoadIconW
AppendMenuW
GetWindowThreadProcessId
SetWindowTextW

gdi32

DeleteObject
GetDeviceCaps
CreateDCW
CreatePen
MoveToEx
CreateFontIndirectW
DPtoLP
CreateBitmap
SetDIBits
DeleteDC
SetBkMode
SetBkColor
GetClipBox
LineTo

advapi32

RegSetValueExW
RegQueryValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyExW
RegNotifyChangeKeyValue
RegCreateKeyExW

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE