cdf126d8dd980ff7b3cbf694980fa970 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cdf126d8dd980ff7b3cbf694980fa970
Size

368KB
MD5

cdf126d8dd980ff7b3cbf694980fa970
SHA1

f723a4b9edc0dcb42f58050c19d04c3770e55782
SHA256

45fa917f25fdf8fd7f6a397620c92bb57daba6164d4927652c844f011dbce107
SHA512

58d8efb6e99c8edfc8369e593bf1fe141532ad15b67af8280f931fc5675705e28087bba9f337158f31ff2acb8fc4a478acd8b2b0091d8fa67843ca4195c39dde
SSDEEP

6144:u3lY6RMtrhrVf/DRauRHlwrFYaN5ino7241GtMqzIXPH8CV+mybPzKP3zUeXm9+r:u3m6RMjrpDneFNzino7IUHybPzQjUeX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdf126d8dd980ff7b3cbf694980fa970

Files

cdf126d8dd980ff7b3cbf694980fa970
.exe windows:4 windows x86 arch:x86

9074cb88b7d7dd96da7279dcd4d8c26b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasW
GetDriveTypeW
SetEvent
FindAtomW
GetPrivateProfileStringA
ResumeThread
GetCurrentThreadId
GetCurrentProcessId
CreateEventW
LocalFree
GetModuleHandleA
FindClose
ReadFile
HeapCreate
lstrlenW
EnumCalendarInfoW
EnterCriticalSection
SetLastError
GetNumberFormatW
TlsGetValue

user32

DispatchMessageA
GetSysColor
IsWindow
GetClientRect
GetMenuInfo
GetKeyState
SetFocus
GetCursorInfo
GetKeyboardType
DrawTextA
GetClassInfoA
CallWindowProcW
DispatchMessageA

unimdmat

UmCloseModem
UmCloseModem
UmCloseModem
UmCloseModem
UmCloseModem

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ