Static task: static1
Behavioral task: behavioral1
Sample: ca26e7e787346347466ca5f11758fd4f.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ca26e7e787346347466ca5f11758fd4f.exe
Resource: win10v2004-20240226-en
General
Target: ca26e7e787346347466ca5f11758fd4f
Size: 876KB
MD5: ca26e7e787346347466ca5f11758fd4f
SHA1: a469ea41274b45fe0cbbc927c5d3b98386bc676a
SHA256: e9d2952d2bb8d79c91a68b0ae34cae3f3f8b57d4d36ecfff2f735fa0251e9cc4
SHA512: f5efccf9f1ee8974e5df308218766822ddcfdcfd217e0cd2adf2c5febbf15977551f50dce377aeb8bdb4d0b6403f2f93d9082c62bf367a11e02b5a6fd04897df
SSDEEP: 24576:UHgjVtAreztRg5kh8aP5E7z+wE51UklDm4FNvUrXK:mg/ArYtRWWuneDDmE26
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ca26e7e787346347466ca5f11758fd4f
Files
ca26e7e787346347466ca5f11758fd4f.exe windows:5 windows x86 arch:x86
3a49f9961078215367a5e157afdc79c9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
LoadLibraryA
GetCurrentProcess
CloseHandle
LCMapStringA
ExitProcess
user32
CharLowerBuffA
CreateWindowExA
SetWindowLongA
CloseWindow
wsprintfA
advapi32
RegEnumValueA
RegQueryValueA
RegSetValueA
RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegDeleteValueA
Sections
.text Size: 859KB - Virtual size: 860KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ