cdfae03ca18bbaf307a77f9ba2bb7b38 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cdfae03ca18bbaf307a77f9ba2bb7b38
Size

52KB
MD5

cdfae03ca18bbaf307a77f9ba2bb7b38
SHA1

a9603e190c465660fd2864ec18cbb761213daeea
SHA256

c1850327588b833f736134327eec5830642baf63782a4adc20d96aa94a52c73c
SHA512

22216b83518c4f2a3d878bc941c11384db5bb4b6e784f7c8d82d6fdc6b7c6160e58108c47f7cb1c5e2dc6c60a6cba715382bf9cd39e295baad1611c1191c2971
SSDEEP

768:a7ICJve1mpmZIzWuPktqtMJWsczm+We5GtcwUtM4VACE:axNOmphz7PBtZZmnwwUtM4VA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdfae03ca18bbaf307a77f9ba2bb7b38

Files

cdfae03ca18bbaf307a77f9ba2bb7b38
.exe windows:4 windows x86 arch:x86

97c54bdd8ea973b39cc32eb3e2dad15a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextChangeNotification
lstrlenW
SuspendThread
TerminateThread
LoadLibraryA
CreateProcessW
FreeLibrary
GetTickCount
GlobalUnlock
GetLogicalDrives
CreateWaitableTimerW
GetPrivateProfileStringW
CreateFileW
GetModuleFileNameW
GetFileSize
CloseHandle
WideCharToMultiByte
ReadFile
GetProcAddress
CancelWaitableTimer
SetLastError
InterlockedIncrement
LoadResource

user32

SetDlgItemTextW
ReleaseCapture
GetWindowThreadProcessId
OffsetRect
GetParent
RegisterClassExW
SetForegroundWindow
TrackPopupMenu
GetMessageW
DestroyMenu
WindowFromPoint
EndDialog
DrawTextW
SendDlgItemMessageW
LoadCursorW
PostMessageW
GetCursorPos
AppendMenuW

gdi32

DeleteDC
SelectObject
GetStockObject
CreateCompatibleDC

advapi32

GetUserNameW
LookupAccountSidW
LookupPrivilegeValueW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE