ca4c58b7fce115c64b3efbb65bcf11cc

General

Target

ca4c58b7fce115c64b3efbb65bcf11cc
Size

225KB
MD5

ca4c58b7fce115c64b3efbb65bcf11cc
SHA1

5d97070081a9193a64dc20deb7ce1f3adbd5f1df
SHA256

909b7b168f490070e04e877603d4babd514a08948df4a6e88349419f5b19dc4e
SHA512

860c6d467d9cd9c025843d805f3840ea73effdae403d7cf5fe7412049b0754235e68b7debef57ea40ac475f41f0a03a17cb04d6b20ca1c8679cd3a37f6915c9b
SSDEEP

6144:+2GTsnr3hiCqYEtSBrTEJbVZJlzhf5tNX1NFMRi1xShO4fUi:jKAECqY5gBnX1Ui1xSc4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca4c58b7fce115c64b3efbb65bcf11cc

Files

ca4c58b7fce115c64b3efbb65bcf11cc
.exe windows:4 windows x86 arch:x86

18ed4d06bbd8a7b1512fa5be44f58751

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

Beep
CancelWaitableTimer
ExitProcess
GetEnvironmentVariableW
GetLogicalDriveStringsW
GetTempFileNameA
GetVersionExW
GlobalHandle
LocalUnlock
WaitNamedPipeA

advapi32

AddAce
AddAuditAccessAce
AllocateAndInitializeSid
CryptAcquireContextA
CryptEnumProviderTypesW
FindFirstFreeAce
GetExplicitEntriesFromAclW
GetKernelObjectSecurity
GetSecurityInfo
GetServiceDisplayNameW
IsValidSecurityDescriptor
RegEnumValueA
RegisterServiceCtrlHandlerA

user32

CopyAcceleratorTableW
CreateIconIndirect
DlgDirListComboBoxA
EnumPropsExW
GetKeyboardLayoutNameA
GetMenuCheckMarkDimensions
GetWindowTextW
IsClipboardFormatAvailable
RegisterClipboardFormatA
SetMenuItemBitmaps
TranslateAcceleratorW

gdi32

AddFontResourceW
CreateEnhMetaFileA
DeleteDC
GetBkColor
GetCurrentPositionEx
GetDCOrgEx
GetObjectType
UpdateICMRegKeyA
gdiPlaySpoolStream

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 221KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18ed4d06bbd8a7b1512fa5be44f58751

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 221KB - Virtual size: 224KB

.rsrc Size: 1024B - Virtual size: 232KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 221KB - Virtual size: 224KB

.rsrc
Size: 1024B - Virtual size: 232KB