caa5c038a79fbed6f1fe8268cc62cbb9

General

Target

caa5c038a79fbed6f1fe8268cc62cbb9
Size

76KB
MD5

caa5c038a79fbed6f1fe8268cc62cbb9
SHA1

dd037cefd8e21348659ac4e7fd0f1ec7d6936d6d
SHA256

c5855a3664fbc22afa5660bd078c582d7be6c9e0d14b989420615bb464c05d71
SHA512

5fff0924fdd73015cdd6c1460f596dbfcf083015f15d93eee7ec584dd8a870f00760f96d486baaea9f9e40cb46348e60a142aca5706f260b4b5aa2ee472af1f9
SSDEEP

1536:2qgX4+YrviQQbfTqZ5ycaGCVLhQYsPLQS28r:X+1bOZ8VGaqBzQSh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
caa5c038a79fbed6f1fe8268cc62cbb9

Files

caa5c038a79fbed6f1fe8268cc62cbb9
.exe windows:4 windows x86 arch:x86

5b25e2c2245caa4876f1d9c12f177e84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextLengthA
LoadCursorA
GetDC
DrawIcon
GetCursor
CopyImage
BlockInput
DrawIconEx
CopyIcon
DialogBoxParamW
AlignRects
GetDlgItem
DrawTextA
CreateIcon
GetWindowTextA
EndDialog
IsMenu
AppendMenuA
DrawTextW

comctl32

ImageList_GetIcon
ImageList_LoadImageW
ImageList_Replace
ImageList_GetImageRect
ImageList_DragEnter
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_Remove
ImageList_GetIconSize
ImageList_LoadImage
ImageList_DragLeave
ImageList_LoadImageA
ImageList_Create
ImageList_Merge
ImageList_EndDrag
ImageList_Copy
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_Draw

kernel32

SetLastError
GlobalFree
GetComputerNameA
WriteFile
CreateProcessA
GetLastError
DeleteFileA
CreateThread
CopyFileW
GetStdHandle
GetCommandLineA
CopyFileA
CopyFileExA
ExitThread
Sleep
FindAtomA
DeleteAtom
CopyFileExW

advapi32

RegQueryValueExA
RegQueryValueExW
RegCreateKeyW
RegDeleteValueW
RegFlushKey
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueA
RegGetKeySecurity
RegDeleteKeyA
RegLoadKeyA
RegQueryValueW
RegEnumValueA
RegQueryInfoKeyW
RegReplaceKeyA
RegCreateKeyExW

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 844B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b25e2c2245caa4876f1d9c12f177e84

Headers

File Characteristics

Imports

user32

comctl32

kernel32

advapi32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 56KB - Virtual size: 93KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: - Virtual size: 844B

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 56KB - Virtual size: 93KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: - Virtual size: 844B