ca5457c41b153a0d34916f1cfde81c7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca5457c41b153a0d34916f1cfde81c7f
Size

7KB
MD5

ca5457c41b153a0d34916f1cfde81c7f
SHA1

ab9f4354f85c0ef9b4bce0c464e00d333a5fb386
SHA256

72baada8419a0090f5ab6c2bfa1b72c38ecb566300cab76fb03f8771794349eb
SHA512

d26583f163055aa82e4ec10ea64a152adb49dce02f577a9537fdbd633b9abd453f6995fb9cd579169c4e0f7c5b5043bcb1af72689f2db71d84e3a75b6387c240
SSDEEP

48:yAVk3OOmKty8nziNm/ldvSlNFDFf0MalBr6RfajwXmeZ5dLJvReCzTln1neZRVMa:eOOm6yQkCa52F8HxvRe4Tln1nGAd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca5457c41b153a0d34916f1cfde81c7f

Files

ca5457c41b153a0d34916f1cfde81c7f
.exe windows:4 windows x86 arch:x86

4e9898945bc75494532107c53b8b35e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey

ole32

CoCreateGuid
StringFromCLSID

kernel32

GetSystemDirectoryA
lstrlenA
lstrcpyA
lstrcmpA
lstrcatA
WriteFile
TerminateProcess
Sleep
CloseHandle
CreateFileA
CreateToolhelp32Snapshot
ExitProcess
OpenProcess
Process32First
Process32Next

Sections

.text
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE