ca4e79971251af8bd7c46e5a95c51eda | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca4e79971251af8bd7c46e5a95c51eda
Size

173KB
MD5

ca4e79971251af8bd7c46e5a95c51eda
SHA1

d24126df22b5be76f83818d63f976659b58e7d30
SHA256

aebae6fe2569d85a767a6adbbfedb7ea168852d105eb030aca0c89554b94cee1
SHA512

b002280a6b0720800fae9a91a54b2066e93fdc8e2a8cfff4a8afa15c0f09a4b6df401ffc76b47db9c71cc41be93e4ab7550616dc1f77b27007aef81eca5a0c6c
SSDEEP

3072:LO7Fo72blk3WISWF6PXVlPG8C0igOTLv1r3CSKEyjEkYyfYqjngT5BLwE72BVQ:LOeQY1Sa6PjmgOTLxKBlY+Yqjne5B5uV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca4e79971251af8bd7c46e5a95c51eda

Files

ca4e79971251af8bd7c46e5a95c51eda
.exe windows:5 windows x86 arch:x86

debb5c6967e7c300e09d940041bb6359

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

atoi
atol

shlwapi

IntlStrEqWorkerW
PathCompactPathExW

crypt32

CryptDecodeObjectEx

kernel32

lstrlenW
LoadLibraryA
lstrcmpiW

Exports

Exports

?SetPhoneRing@YAEPADH-P

Sections

.text
Size: 24KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ