cb4462c0b2aabd1038a9077843b9bc77 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb4462c0b2aabd1038a9077843b9bc77
Size

18KB
MD5

cb4462c0b2aabd1038a9077843b9bc77
SHA1

4604b85d4a4daef58fb3876c41cd35d0c6748c0d
SHA256

204bef58b50bac93dc24030a5e482008024916d466a70331f24ced6d89a80927
SHA512

c3f2576ac8bb8317611baf653dd5a68b4c7ad7458ea42c1968d7bbdcf9f133e7a9953af80bea125099e40a787bc04dfa3ba5f654941ed2a12cff50c5cfbddaea
SSDEEP

384:Kr+jwA13GS+B/nLR8mzFm6ncXaV2rRtR66DR:YAj0LRfFlcXaV2rbj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb4462c0b2aabd1038a9077843b9bc77

Files

cb4462c0b2aabd1038a9077843b9bc77
.exe windows:4 windows x86 arch:x86

6e1159736b8801ac7e4a7a661f4d04c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetExpandedNameA
FlushFileBuffers
DeleteAtom
LoadLibraryA
GetACP
VirtualProtect
GetCurrentProcess
GetTimeFormatA
GetEnvironmentStringsA
GetCurrentProcessId
GetCurrentThread
InterlockedExchange
HeapCreate
GetModuleHandleA
GetThreadPriority
OpenSemaphoreA
GetStdHandle
IsDebuggerPresent
WriteConsoleA
FormatMessageA

user32

DragDetect
ReleaseDC
SetForegroundWindow
FillRect
GetClassNameA
GetTitleBarInfo
EndPaint
GetCursorPos
GetParent
GetDlgItem
ShowWindow
GetFocus
SetActiveWindow
BeginPaint
GetWindowTextLengthA
wsprintfA
DrawTextA
GetWindow
FrameRect

advapi32

RegCreateKeyA
RegEnumKeyA
RegCloseKey
RegQueryInfoKeyA
RegFlushKey

clbcatq

CoRegCleanup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ