caca3379b98547f6a805a777b082532a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

caca3379b98547f6a805a777b082532a
Size

66KB
MD5

caca3379b98547f6a805a777b082532a
SHA1

83faf00b25df0f83742aed0c0429fce1f046c90e
SHA256

e2cfa2cb2b72be88da1fb7f695d95a08e768dc947387139636d7f1f13b8bf92e
SHA512

861266e0a5057f4dbd4522f0497744b0513df1bdd9fa410e218741559ac4f1c0e1e439ac5b71e5a99eab1c24c9a6bb3e1bd59cc890276ef6580adc927868994b
SSDEEP

1536:hyndudmjoxBUQqzOWlVX9g8rmEqTtqwSgEe3mPdzud9CPdudtfdudvdB:eMlxCQ4s4cqwS03mFI9CFMtVMlB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
caca3379b98547f6a805a777b082532a

Files

caca3379b98547f6a805a777b082532a
.exe windows:5 windows x86 arch:x86

01d3ae82405b57187ea050e05677bd82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
lstrcpyA
CloseHandle
WriteFile
CreateFileA
lstrcatA
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetTempPathA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

user32

wsprintfA

shlwapi

SHGetValueA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE