cf5c6e0e6acc8c5e1d7d4fe3618e1450N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf5c6e0e6acc8c5e1d7d4fe3618e1450N
Size

320KB
MD5

cf5c6e0e6acc8c5e1d7d4fe3618e1450
SHA1

01e6320d3c6c83edec760df2a24530d7aaa9f62e
SHA256

35b1993561d39f643b70e56cb32b31f317ccd1cca53fa06cab959a8fdc6516f8
SHA512

e6188d9601cccd25cf51379bb7e0f0dfb5cd51a02b27c8003e84f8d46158b1a51f59294f73157c10d816779dcb6d4d1f7fb9ee1c6c7fb4403fd91bc68e97e6dc
SSDEEP

6144:ju8BmLHC9+7SxhjmqsfGCIUZXiwRlDzgnJOGHhZ9al5YgvysriJOyL3:ju6h5mf3I2iwDzgn3Y5h6sriJdL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf5c6e0e6acc8c5e1d7d4fe3618e1450N

Files

cf5c6e0e6acc8c5e1d7d4fe3618e1450N
.exe windows:4 windows x86 arch:x86

3e657e673fd8e2b17f68d078d9ef3c86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
SetErrorMode
GetLocaleInfoA
GetLogicalDrives
GetSystemDirectoryA
ReleaseMutex
CloseHandle
ResetEvent
VirtualProtect
GlobalFree
LoadLibraryExA
FindFirstFileExA
EnterCriticalSection
RaiseException
GetStdHandle
Sleep
InterlockedExchange
SetEvent
GetLastError
GetACP
HeapCreate

user32

IsIconic
EndPaint
FrameRect
BeginPaint
GetCursorPos
wsprintfA
GetWindow
FlashWindowEx
ShowWindow
ValidateRect
FillRect
GetActiveWindow
GetFocus
GetWindowTextA
ReleaseDC
SetForegroundWindow
DrawTextA
GetClassNameA
GetParent

dsound

DirectSoundEnumerateA
GetDeviceID
DllGetClassObject
DirectSoundCreate
DirectSoundCaptureCreate

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ