ca0daa459e34f8748655d32768ad12ed

General

Target

ca0daa459e34f8748655d32768ad12ed
Size

128KB
MD5

ca0daa459e34f8748655d32768ad12ed
SHA1

b6858de184dfffe56e1050a3b6e48672ae31805b
SHA256

a9684232bae1326554e3bace9f34486a59cb9d1b876502e8f6ce133b2ae87175
SHA512

e5659052ec19702ce61f80fdc15e3e57e37b06ec4444c9648572f1f204dbd681fcbe8b512b6645bf0437116c508af12f1ddf0f1c16d36e11a8de745e9bc52682
SSDEEP

3072:Q5xlN7wFiQqIokhjC3ylL6Ru+lVgqXC7+kIs:QlN7iiQfjCClL6R1gqA+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca0daa459e34f8748655d32768ad12ed

Files

ca0daa459e34f8748655d32768ad12ed
.exe windows:4 windows x86 arch:x86

e9fd3f5b47f571e1444b8f9e87888024

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetConsoleTitleA
Sleep
EnumResourceTypesA
IsBadCodePtr
WriteConsoleOutputCharacterA
WriteFileGather
GetDiskFreeSpaceExA
GetSystemWindowsDirectoryA
DeleteTimerQueueTimer
WaitForMultipleObjects
GetVersionExA
InterlockedDecrement
CommConfigDialogA
OpenMutexA
SetVolumeMountPointA
GetProcessPriorityBoost
ReadConsoleInputA
GetBinaryTypeA
SetFilePointerEx
WriteConsoleInputA
WriteProfileSectionA
CreateSemaphoreA
GetLogicalDriveStringsA
GetTempFileNameA
CopyFileA
GetTempPathA
GlobalHandle
FlushConsoleInputBuffer
ReleaseMutex
GetStartupInfoA
GetSystemDirectoryA
SetFileTime
GetWindowsDirectoryA
FlushFileBuffers
GetConsoleOutputCP
GetFileTime
GlobalAddAtomA
lstrcat
GetFileType
VirtualAlloc
GetCommandLineA
ProcessIdToSessionId
SetLocalTime
IsBadStringPtrA
FindNextVolumeMountPointA
lstrlenA
GetDiskFreeSpaceA
FindResourceExA
Thread32First
DeleteTimerQueue
GetCurrentThread
SetDefaultCommConfigA
ResetEvent
GetFullPathNameA
SetEndOfFile
GetComputerNameExA
ChangeTimerQueueTimer
GetPriorityClass
TransmitCommChar
GetConsoleCursorInfo
GetProfileSectionA
GetProcessHeap
WriteConsoleInputA
IsValidLocale
LoadLibraryA
GetShortPathNameA
SetEvent
GetCommState
HeapDestroy

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeBeginPeriod

Sections

.idata
Size: - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 116KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9fd3f5b47f571e1444b8f9e87888024

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 336B

.text Size: 116KB - Virtual size: 393KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 336B

.text
Size: 116KB - Virtual size: 393KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB