Static task: static1
Behavioral task: behavioral1
Sample: ca018e2975b8273f8dfdf06f21f2955f.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ca018e2975b8273f8dfdf06f21f2955f.dll
Resource: win10v2004-20240226-en
General
Target: ca018e2975b8273f8dfdf06f21f2955f
Size: 7KB
MD5: ca018e2975b8273f8dfdf06f21f2955f
SHA1: c7937615348333eab26cda7b237059b74e3a86ee
SHA256: b8c9b38d15ff6f8d3fa4172b299ecc398cc09330fc2218bde8383ef53114f4db
SHA512: 43b8d60fe3526182028697fc24ef35b1682e717bb3feca3c67d06b1a1367bde9f4d5300e4ed055967aa2bc4de526d0d447c84a81a8dc060a7d975f9caadb1644
SSDEEP: 192:jYawJD8TMcIsWNCRn6liuyCvFv3imVDDaz:4HcDcWn6liuyOSwDaz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ca018e2975b8273f8dfdf06f21f2955f
Files
ca018e2975b8273f8dfdf06f21f2955f.dll windows:4 windows x86 arch:x86
106b133369c47fceb3adf98b8e36f71d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
SendDlgItemMessageA
SendMessageA
GetDlgItemTextA
SetWindowLongA
CallWindowProcA
GetWindowLongA
UnhookWinEvent
GetClassNameA
GetWindowTextA
SetWinEventHook
kernel32
GetModuleFileNameA
CreateFileA
CloseHandle
VirtualAlloc
FreeLibrary
DeleteFileA
ExitThread
CreateThread
DeviceIoControl
GetComputerNameA
GetWindowsDirectoryA
GetDriveTypeA
GetVolumeInformationA
GetModuleHandleA
LoadLibraryA
GetProcAddress
Sleep
GetCurrentProcessId
IsBadReadPtr
advapi32
GetUserNameA
GetCurrentHwProfileA
crypt32
CryptQueryObject
ws2_32
gethostname
gethostbyname
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 456B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ