ccdf8ae645edac629ed40e421b11ed2f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ccdf8ae645edac629ed40e421b11ed2f
Size

238KB
MD5

ccdf8ae645edac629ed40e421b11ed2f
SHA1

96824a873d04e16fd2c2623c00df5aca064709aa
SHA256

c34ea82e9221d248713fc270e54b794643adadc4e821c87e4d1a092f4c790c67
SHA512

d7e6ae0ac504babf46f4188bf3eaf69b3c10aa4d318e7641c97d6b36375b780252992533554448116e81c0288c47a94a437089d77a873fea8ee46b624d7710cd
SSDEEP

3072:MTPFX4ToyAZKy1uz0Ss9J+TgoCogSO0Xyw3FQrQWKp1JtbewjPTq5AhpnnaYSiwm:C54T0w4fn4FDW0ewTQxkOaB4YXdAo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ccdf8ae645edac629ed40e421b11ed2f

Files

ccdf8ae645edac629ed40e421b11ed2f
.exe windows:4 windows x86 arch:x86

498f1c3b1cfdd1f6431d4d43ce7429d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
PeekMessageA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
WriteFile
Sleep

advapi32

RegQueryValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex

Sections

.text
Size: 20KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE