ca5c3bae7160437747ea403d8ce40a80 | Triage

Sharing

General

Target

ca5c3bae7160437747ea403d8ce40a80
Size

12KB
MD5

ca5c3bae7160437747ea403d8ce40a80
SHA1

5382af997004b2a7e1cf3a8ed39855c20ec3d93c
SHA256

4571aaf0d3fe7e6c588634c7edb3c8df38def35c080c3a3abc8dd25fd8d69f79
SHA512

41f2bfd5efff788abd5bc47212bfa67ae22a389fab7b78e6292f86a8c0038dad2c963e20c39a7aa9eb34d66e2a9369707678d049005d44dfc1a0cf94805c80ce
SSDEEP

96:aRD9sdbcciB2buJ1SKUpACLF7APhJ2qD8mD:msGHEuJUKUptgh8qAW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca5c3bae7160437747ea403d8ce40a80

Files

ca5c3bae7160437747ea403d8ce40a80
.exe windows:4 windows x86 arch:x86

d8e88950806b18ec9a5852e716f77c58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetWindowThreadProcessId
FindWindowA

kernel32

ExitProcess
WriteProcessMemory
WaitForSingleObject
VirtualAllocEx
CloseHandle
CreateEventA
CreateRemoteThread
GetModuleHandleA
GetProcAddress
OpenProcess

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 497B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 322B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ