cca992021c49b39d635e8a5da6c4cd81 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cca992021c49b39d635e8a5da6c4cd81
Size

75KB
MD5

cca992021c49b39d635e8a5da6c4cd81
SHA1

dd403ed3253bb2ebe9cde1d588e45145caeb8695
SHA256

56b78cf03c2c85bccd7d41e9bbfa3ca5bd403caadfc706385b9037ad02d9bf9a
SHA512

686fee2612f79a187f787ed2a309b2a24f04d81acf0589b8df80fb19b0c31995bc212e1a84b1aca526966d055d7ba0966e494dc8f010e726ef1e9fc4ee62faec
SSDEEP

1536:v+ptzHU+jTY2faipTjqwAGTLSYmR8OMNi9Sg+PHnBxHSzX:v+3beeNi4g+PhpiX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cca992021c49b39d635e8a5da6c4cd81

Files

cca992021c49b39d635e8a5da6c4cd81
.exe windows:4 windows x86 arch:x86

61fbcc8ab68108993ece3880f095cc2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
CloseHandle
ReleaseMutex
GetFileAttributesA
PulseEvent
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap
HeapFree
Process32Next
Process32First
CreateToolhelp32Snapshot
WriteProcessMemory
GetProcAddress
GetModuleHandleW
VirtualAllocEx
OpenProcess
GetCurrentProcessId
GetWindowsDirectoryA
SetFilePointer
CreateFileA
WriteFile
GetModuleFileNameA
SizeofResource
LoadResource
FindResourceA
GetCurrentProcess
CompareStringA
lstrlenA
CreateProcessA
lstrcpyA
lstrcatA
ReadFile
GetSystemDirectoryA

user32

wsprintfA

gdi32

GetStockObject

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ