ccfa139d1a9c783ced3130a27493dd87 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ccfa139d1a9c783ced3130a27493dd87
Size

76KB
MD5

ccfa139d1a9c783ced3130a27493dd87
SHA1

3c4f56a1042fa66083ec5fdc77de057bc1e895bd
SHA256

dce6260ffa03be0a4d9a23994e7d1e8e88d637de9f2da5b56c388d433d5a134b
SHA512

aef8be4aa1522021b7f41431bc6b03f3e4f6d373d2c930739d9e93928af8783865355ee744d2e4c89f82a22e7364b8d712a7c6c3b77bc50d2cad857e426bae9c
SSDEEP

1536:W8LRyrRSbVBv7VWW1oU9s+ePbL4pPH4bdVOAyC3S2GPVHnSffHl:W8lygVnWW172+ePbLAgvOdpSfPl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ccfa139d1a9c783ced3130a27493dd87

Files

ccfa139d1a9c783ced3130a27493dd87
.exe windows:4 windows x86 arch:x86

1103b34ccb4b8aeb6b676dca7bcb560c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
InterlockedExchange
HeapCreate
VirtualProtect
GetConsoleCP
SetConsoleCP
WaitForSingleObject
GetModuleHandleA
GetCommandLineA
WaitForMultipleObjects
SuspendThread
CloseHandle
GlobalUnlock
GetVersion
GetStdHandle
GetAtomNameA
CompareFileTime
lstrlenA
HeapReAlloc
GetTickCount
GetSystemDefaultLangID

user32

GetCursorInfo
SetPropA
InsertMenuA
CreateIcon
DragObject
CreateMenu
GetDlgItem
IsDialogMessage
SetWindowPos
InvertRect
GetKeyboardLayout
DialogBoxParamA
DispatchMessageA
FillRect
EnableScrollBar
CopyImage
GetKeyState
SetScrollInfo
DestroyMenu
FindWindowA
DrawCaption

advapi32

RegEnumValueA
RegCloseKey
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumKeyA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ