Static task: static1
Behavioral task: behavioral1
Sample: cbff4b70c48a635d054fffc2d23a6c49.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: cbff4b70c48a635d054fffc2d23a6c49.exe
Resource: win10v2004-20240226-en
General
Target: cbff4b70c48a635d054fffc2d23a6c49
Size: 393KB
MD5: cbff4b70c48a635d054fffc2d23a6c49
SHA1: 3dba12b4bbce46d9db1c0ecc1bf1c1b023c2de88
SHA256: eb0e8423f170233be85117c49fdd86d469a1ca717ca5d8d4bd458ab9484ca38b
SHA512: 577ec612f9239bfe23806eb4b0a94869f2115d1d64e656e2967d5682aeaad02d33921a9d083f3abae1f1cd80d3beec698be29b2a03435d5afd46fa096c3b118a
SSDEEP: 12288:0XU0UsNs8h3DKE8Mx/ziuRAtYq34fjTd3d:0XUVsND3D6c1AF3QjZN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cbff4b70c48a635d054fffc2d23a6c49
Files
cbff4b70c48a635d054fffc2d23a6c49.exe windows:4 windows x86 arch:x86
0c9f1043cfcc3b725cffda1ef6c48aa6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LeaveCriticalSection
InitializeCriticalSection
GetLastError
FlushFileBuffers
CreateFileA
LoadLibraryA
GetWindowsDirectoryA
GetFileType
CloseHandle
SetEndOfFile
LoadLibraryExA
DuplicateHandle
lstrcpyA
DeleteCriticalSection
GetCurrentDirectoryA
IsBadWritePtr
FreeLibrary
EnterCriticalSection
Sleep
WriteFile
SetFilePointer
ReadFile
GetModuleHandleA
user32
GetWindowRect
GetClientRect
GetWindow
SetWindowPos
CreateWindowExA
ole32
CLSIDFromString
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoInitialize
CoUninitialize
oleaut32
LoadTypeLi
LoadRegTypeLi
Sections
.text Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ