c4dfefff1bcfbcb95e75c47bfd69b1daf6df2b610a2cd5cca67fab021f97d02f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4dfefff1bcfbcb95e75c47bfd69b1daf6df2b610a2cd5cca67fab021f97d02f
Size

140KB
MD5

004a4dfeff51b369a48c129fde4a2177
SHA1

021740013e50455d89b7e2970ae035e75f010747
SHA256

c4dfefff1bcfbcb95e75c47bfd69b1daf6df2b610a2cd5cca67fab021f97d02f
SHA512

2dbebaecb3462f75f0df26646f3a0db29bad25261155af154ed26c6f65388bca666731152c8d16e0bc0441e050493b22a1e2df6b1da30c825123589afa94a2cb
SSDEEP

1536:3rSO4mKa8iH7kj6NThtKfvzqrDMpCSqfEjaqltw76ZSA6NmzUaWCua58fxlo2Ubl:emdH7gU94pZZaqnJrKXCua58P/Ubyz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4dfefff1bcfbcb95e75c47bfd69b1daf6df2b610a2cd5cca67fab021f97d02f

Files

c4dfefff1bcfbcb95e75c47bfd69b1daf6df2b610a2cd5cca67fab021f97d02f
.exe windows:4 windows x86 arch:x86

597a8fc38d092bb7bb93fa2f9f2c6696

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
CreateFileW
GlobalUnlock
lstrcpyA
Sleep
GetCurrentThreadId
FindClose
SetLastError
LocalFree
GetCommandLineA
GetComputerNameA
FindResourceW
UnmapViewOfFile
CreateProcessA
lstrlenA
CloseHandle
HeapCreate
GetModuleHandleA
PulseEvent
LoadLibraryW

user32

CheckRadioButton
GetDlgItem
FillRect
CreateIcon
DrawMenuBar
SetFocus
GetCaretPos
GetDC
DrawEdge
CreateWindowExA
DispatchMessageA
CallWindowProcA
IsWindow

cryptui

WizardFree
CryptUIDlgCertMgr
LocalEnroll
CryptUIDlgSelectStoreA
CryptUIDlgSelectCA

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

abxcudy
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE