ccef9f24ce63169834a2949dfecd1d06 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ccef9f24ce63169834a2949dfecd1d06
Size

31KB
MD5

ccef9f24ce63169834a2949dfecd1d06
SHA1

4b80d008e0edf204922e115d4b66f84d2b83fe45
SHA256

ac82e592f1c4bbf4276222999cc24f4cf5362e339d59f51f83a5b32f191d0324
SHA512

24c674cfb6ca6085aa3b20affb8bb05a100ed93c84e88947184c8ba861f90fcb1d0badad4de6bcd125a81c287f7707e6919c1ceac5e931d798f27e51d5860717
SSDEEP

384:PC4Bmd2pOgN/Z0i14Br0SMMQxbhLvIYFl+qmDTLSqLD4wqgxLVF:zI2RNigKbQFhMYFlYDBf4wBxLVF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ccef9f24ce63169834a2949dfecd1d06

Files

ccef9f24ce63169834a2949dfecd1d06
.exe windows:1 windows x86 arch:x86

4ac2b65d826a1f01ea9f6e35cc423a12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CopyFileA
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
ExitThread
GetCommandLineA
GetFileAttributesA
GetFileSize
GetLastError
GetModuleFileNameA
GetProcAddress
GetTempPathA
GetTickCount
GetVolumeInformationA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MoveFileExA
OpenEventA
ReadFile
SetEvent
SetFileAttributesA
SetFilePointer
Sleep
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrlenA

user32

wsprintfA

shell32

SHGetFolderPathA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ