cba7e04459372f952f7d508225425d07 | Triage

Sharing

General

Target

cba7e04459372f952f7d508225425d07
Size

637KB
MD5

cba7e04459372f952f7d508225425d07
SHA1

9df623e29f392734987b815710307867fa40b65f
SHA256

33b9ededef0cfc3515cbc29aefa22e89b74eb203a617ea20b9c97d12da5548a0
SHA512

6dcf3d387bc56e637f4f318f91861d695055d3b75055f2e2edcd703b434e5bcaade28d7725c5d5bfb5ff51c33e7296237691a17438049e2caa3a929235b972e6
SSDEEP

12288:nDi8qTUQ9r0wR2M2cx/QdsKmXvrgvzb17nRDoJ:nH0UQdx2Fcy+K0jwNLRD+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cba7e04459372f952f7d508225425d07

Files

cba7e04459372f952f7d508225425d07
.exe windows:4 windows x86 arch:x86

15ccab728c6e75d08adf33c7f550ddb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTapeStatus
ResumeThread
GetOEMCP
WaitForSingleObject
VirtualProtect
GetModuleHandleA
LoadLibraryA
GlobalSize
IsDebuggerPresent
GetSystemTime
GlobalMemoryStatus
FreeConsole
GetTimeFormatA
PeekConsoleInputA
InterlockedExchange
GetACP
GetCommandLineA
GetUserDefaultLCID
GetCurrentProcessId
HeapCreate
HeapDestroy

user32

GetDC
GetWindow
GetParent
EndPaint
GetCursorPos
ShowWindow
AnyPopup
GetClassNameA
CreateIcon
ReleaseDC
SetForegroundWindow
FrameRect
GetFocus
DragDetect
DrawTextA
GetTitleBarInfo
FillRect
wsprintfA
BeginPaint

ntshrui

SetFolderPermissionsForSharing
IsFolderPrivateForUser
GetNetResourceFromLocalPathA
IsPathSharedA
GetLocalPathFromNetResourceA

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ