cf2a89e27ffdb1441bc84d1bda960054 | Triage

Sharing

General

Target

cf2a89e27ffdb1441bc84d1bda960054
Size

244KB
MD5

cf2a89e27ffdb1441bc84d1bda960054
SHA1

8d2fdf83dd325ce164082901723fe2675c605c31
SHA256

c589d74bf8ceb9c413dcfe36fab5cb3b9af13f1ae0a1659b4db318cca299e60a
SHA512

88f18be465b8aa33c4f25c2aecad61515be2c6a65202e78089785a182a742e8784470ef06acc3fa20c45fe520a739b8d45a75809edd64a254d492b96759b0423
SSDEEP

3072:O3qrAujDQRuyCX/zidnB4VHqmx9pahr6G5eky7gO1hK/EuVRKlbIrFb1qIsFGPBr:O3yqRm0BwHqmx9pW6u6gAXuTKMXqW85E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

cf2a89e27ffdb1441bc84d1bda960054

Files

cf2a89e27ffdb1441bc84d1bda960054
.exe windows:4 windows x86 arch:x86

189bd2a6a935721fc4bef78224528b64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
LoadResource
FindResourceA
LoadLibraryExW
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess

user32

GetMessageA
DialogBoxParamA
PostQuitMessage
SetWindowLongA
GetDlgItem
CallWindowProcA
SetDlgItemInt
FindWindowA
SendMessageA
SetDlgItemTextA
EndDialog
GetDlgItemTextA
TranslateMessage
DispatchMessageA
MessageBoxA

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

msvcrt

_exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
printf
__dllonexit
_onexit
_strnicmp

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ