ca86bfdca6921a8baa13f558fcd5f293 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca86bfdca6921a8baa13f558fcd5f293
Size

51KB
MD5

ca86bfdca6921a8baa13f558fcd5f293
SHA1

2e157b15779b5ce3f5c788356b72c7cb37fc3926
SHA256

078a0b1b4d64eeea79999be9337fa7e8d4775671d7e9b6681c8f337cacc7d400
SHA512

77cdbf99d8594be575f3768b73ac89ee907600a715ed15333e7ee60203d38a25bb729f70272e78ca62f70e9553da1368d759c65a1df3b12aae1a468d9bf7e679
SSDEEP

1536:z02E+HVNU/caPrmWYa9ec4Y2D2w5lgQ0:z5s/Jr9YTQe9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca86bfdca6921a8baa13f558fcd5f293

Files

ca86bfdca6921a8baa13f558fcd5f293
.exe windows:4 windows x86 arch:x86

742fad35447f68f55a385a7d003348ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GlobalReAlloc
Heap32First
ReadConsoleA
SleepEx
_hwrite
lstrcmp

user32

CreateDialogParamA
DefFrameProcA
GetMenuItemID
GetUserObjectInformationW
LockWindowStation

shell32

Control_RunDLLW
DllCanUnloadNow
ExtractAssociatedIconExW
FreeIconList
RealShellExecuteW
SHGetDataFromIDListA
SHGetDiskFreeSpaceA
SHQueryRecycleBinW
SheChangeDirExW
ShellExecuteW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE