ca8cccecbdeea3799bf0fd143dd23ab8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca8cccecbdeea3799bf0fd143dd23ab8
Size

51KB
MD5

ca8cccecbdeea3799bf0fd143dd23ab8
SHA1

36f0afa522d0913abe46df6fdec8c4ebf0ac12c4
SHA256

759d8c3dbc6b701750e831b368248a630e30d6eb4f5b7154cf1adcbdd8c031b7
SHA512

85832dd86283aa4f9d33d2ac65c90df8b13747917df0beb37528519cac0898548130309ae54918e24319bb4e008f40cdc5567b5771d7593c470a4353994bda57
SSDEEP

768:YDuFUW7HfHcun63qHKamYIb4gztKxPN7Ox/HC4EHvmBRRh/vSamV70wPNBSzYQ7P:Y/WTn63H5zGPN7OuHvmBlvSamGENsHAY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca8cccecbdeea3799bf0fd143dd23ab8

Files

ca8cccecbdeea3799bf0fd143dd23ab8
.exe windows:4 windows x86 arch:x86

ed7dc21cbe5776aee11909efca0618c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetStockObject
SelectObject
SetBkMode
Rectangle
DeleteObject
GetTextMetricsA
SetTextColor
CreatePen

user32

SetWindowTextA
IsZoomed
CallWindowProcA
SendMessageTimeoutA
TranslateAcceleratorA
SetCursor
GetDlgCtrlID
SetForegroundWindow

kernel32

InterlockedIncrement
GetModuleHandleA
LCMapStringA
SetLastError
SetHandleCount
SetStdHandle
SizeofResource
LockResource
GetVersionExA
InitializeCriticalSection
WriteConsoleA
GetCurrentThread
CompareStringA
GetTimeZoneInformation
LocalAlloc
TlsFree

ole32

CoGetClassObject
CoFreeUnusedLibraries
OleIsRunning
CoResumeClassObjects
OleCreate
CoMarshalHresult
OleDuplicateData
OleSaveToStream
OleDraw

advapi32

StartServiceA
GetKernelObjectSecurity
GetSidSubAuthorityCount
GetTokenInformation
InitializeAcl
QueryServiceStatus
RegDeleteKeyA
CloseServiceHandle
GetAce

msvcrt

iswctype
strrchr
strncmp
_itoa

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ