ca7072acc1407e36d195b6f4890d4f25 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca7072acc1407e36d195b6f4890d4f25
Size

15KB
MD5

ca7072acc1407e36d195b6f4890d4f25
SHA1

2e5f97d3407d074b281ef1d59357f9addbb43b18
SHA256

d0915e95e4ee4d26d5024b2c9ec9444a33ba47e98a213487301e3a0ce398fd54
SHA512

5b42254262ab55436eccd3d18bad0e64bdd8b26fb89538ee5fa62cb25ef3cad3f660a1f4b4b634a17e17b587763c76716b29d7738b3696773a1cf88f141a7cda
SSDEEP

192:Mpfn1JVwRcXSsiZIsfXBzsc+QJk01qmJmXnFAwpm:ruSsiWsfBzN1kLPXTU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca7072acc1407e36d195b6f4890d4f25

Files

ca7072acc1407e36d195b6f4890d4f25
.exe windows:4 windows x86 arch:x86

e23583071655288a8d9d617f86252cdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
ResumeThread
TlsGetValue
lstrcpyA
TlsSetValue
GetSystemDefaultLCID
lstrcatA
VirtualAlloc
DeleteFileA
GetUserDefaultLCID
GetThreadLocale
GetCommandLineA
GetModuleHandleW
CreateSocketHandle
GetCurrentThreadId
GetFileAttributesA
TlsAlloc
IsDBCSLeadByte
GetDriveTypeA
TlsFree
GetModuleFileNameA

user32

RegisterClassA
IsWindowVisible
ShowWindow
GetForegroundWindow
IsIconic
GetWindowLongA
ReleaseDC
GetWindow
GetActiveWindow
GetFocus
UpdateWindow
GetWindowTextA
ValidateRect
GetWindowDC
GetDC
CloseWindow
GetClassInfoExA
GetSystemMetrics
GetWindowTextLengthA

imagehlp

ImageNtHeader
ImageLoad
FindFileInPath
CheckSumMappedFile
BindImage
FindDebugInfoFile

wintrust

SoftpubDefCertInit
GenericChainFinalProv
FindCertsByIssuer
CryptSIPGetInfo

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ