cb332e93dcd70598027dfe3610adebc8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb332e93dcd70598027dfe3610adebc8
Size

637KB
MD5

cb332e93dcd70598027dfe3610adebc8
SHA1

e8bab62271f330f07c6be15a1570191d94f41744
SHA256

edcbb18069df2739317c8124d56f1f3e9bd85729c79099503fe5564f4fa10278
SHA512

3a1a4dfbd78a61fb03dd5eb3c0eeb535c0133de582b96b37be06dc40267f9d727a602f222cb5e1fd65eceb38102674a1f59372fdbaf408cbb69e4fbe658c542a
SSDEEP

12288:HzKTBwOoP9oO6ZQTjwbkJPyXpJmuIwFPzk605Aky+oklRfg1JOpA0zvZ3:ToGPyRQXkkJaXrmu05Ak6MRoXyhB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb332e93dcd70598027dfe3610adebc8

Files

cb332e93dcd70598027dfe3610adebc8
.exe windows:4 windows x86 arch:x86

db7f669c0e580d2da86595cb648f52f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
lstrlenA
HeapReAlloc
GetVersion
GetModuleHandleA
FindAtomA
GetTickCount
TlsFree
WaitForSingleObject
GetAtomNameA
CompareFileTime
HeapWalk
GetProfileIntA
LoadLibraryA
GetStdHandle
TlsGetValue
VirtualProtect
InterlockedExchange
GlobalUnlock
CloseHandle
GetConsoleCP

user32

ModifyMenuA
InflateRect
DestroyMenu
EqualRect
SetWindowPos
DialogBoxParamA
DispatchMessageA
SubtractRect
UpdateWindow
PostMessageA
CreateCaret
PostQuitMessage
LoadIconA
PaintDesktop
SetPropA
GetScrollRange
GetWindowTextA
GetMenu
InsertMenuA
GetMenuStringA
CopyRect
GetSubMenu
GetKeyboardLayout
TranslateMessage
EnableScrollBar
MessageBoxA
ShowWindow
GetDlgItem

msi

MsiDoActionA
MsiEnumClientsA
MsiGetMode
MsiEnumProductsA
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ