cd937e037cb459896188e47ce79016f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd937e037cb459896188e47ce79016f1
Size

158KB
MD5

cd937e037cb459896188e47ce79016f1
SHA1

dad7866a400419bd573b4c5c388299fe21f26f1c
SHA256

e8aabe2920b5c05935a03d2a1d5619e072362ee3c945d0b54c52e294d30d0a67
SHA512

638d068d09cdbd5cf9e1e470ef362e8d7c917545f37ac6ad0a042b583deb54fbe50c57eb814ab58662887eb44b6b2d8bbd930bb474161127217cb49406c3a2f3
SSDEEP

3072:FuPI36Acmojx5ESb/yu+B2IHcFz3gz0Ugt/LxuLZTxKvun:FKI37ol5v6HRz0VPMT+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd937e037cb459896188e47ce79016f1

Files

cd937e037cb459896188e47ce79016f1
.exe windows:4 windows x86 arch:x86

d323cdaf8a0f657d489564c83f3beac7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW
SHFileOperationW
ShellExecuteExW

comctl32

PropertySheetW

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

RegisterConsoleVDM
MoveFileW
GetProcessHandleCount
SearchPathW
EnumResourceNamesA
FreeEnvironmentStringsW
GetFullPathNameW
CompareFileTime
GetShortPathNameW
SetFileTime

ole32

CoUninitialize
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoInitialize

shlwapi

SHGetValueW
PathAppendW
PathRemoveFileSpecW
PathCombineW
PathFileExistsW

user32

PostMessageW
SetWindowTextW
SetWindowLongW
IsDlgButtonChecked
CreateCursor
GetDC
GetWindowModuleFileNameW
ReleaseDC
IsWindow
DestroyWindow
PostQuitMessage
LoadIconW
GetFocus
GetDlgCtrlID
MsgWaitForMultipleObjects

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ