cc16766a4ee26af2f4393929d4b092cf | Triage

Sharing

General

Target

cc16766a4ee26af2f4393929d4b092cf
Size

803KB
MD5

cc16766a4ee26af2f4393929d4b092cf
SHA1

92041d402275aefe274953dfdfaad032c5ce33c8
SHA256

7a9bbe1aef995d725676946f16355c0cd5fdcc6733b491777548f341349471bb
SHA512

47b7ca4763af51965b189066863becf13a0de50a44098b96a39bd2f262c23843d32e93365efe1b838010e19b436509b88c9c235f1280f8962a5adba696b444a5
SSDEEP

24576:3E3l0TCemviOFHmQeCPh4+gh8oTiEQPlcdkg:6iTCemqE/gh8oT7QPSi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc16766a4ee26af2f4393929d4b092cf

Files

cc16766a4ee26af2f4393929d4b092cf
.exe windows:5 windows x86 arch:x86

e0c6fe6180f40f5c2e8ddcd0208f56c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
HeapDestroy
GetProcessVersion
GetCurrentThreadId
CreateFileW
GlobalFlags
OpenMutexA
GetModuleHandleA
DeleteFileW
GetFileAttributesA
SetFileTime
CreateDirectoryA
DeleteFileW
LeaveCriticalSection
GetConsoleMode
CreateFileW
InterlockedExchange
GetDriveTypeW
FindAtomW
GetVolumePathNameA
GetModuleFileNameA
OpenEventW
SetFilePointer
GetTickCount
PulseEvent

user32

DispatchMessageA
DestroyIcon
wsprintfA
LoadCursorA
GetWindowTextA
SetFocus
SetRect
DestroyMenu
IsMenu
GetWindowLongA
PeekMessageA
GetWindowLongA
MessageBoxA

dot3msm

Dot3MsmDisconnect
DllMain
Dot3MsmDeInit
Dot3MsmFreeProfile

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE