Static task: static1
Behavioral task: behavioral1
Sample: 0ad4c70c734d53f96e1aec472ff6780e.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0ad4c70c734d53f96e1aec472ff6780e.exe
Resource: win10v2004-20231215-en
General
Target: 0ad4c70c734d53f96e1aec472ff6780e
Size: 801KB
MD5: 0ad4c70c734d53f96e1aec472ff6780e
SHA1: ba306151aae2de0d26327834e36d83b820e7404e
SHA256: 23f83cd78adf37d2b4218a67b555c74489aafc05f610543ef2628b0d8087b1ec
SHA512: e6114faae42aeb8e89754db5ec015285df197b250e080340a4a4fca015a13fd45bd5c34dd4245d8be17290100bcd74666b6609d41c87dc13ba3c5a7a25eae896
SSDEEP: 12288:mlK1aCCFoWZdfC4o1BABOVzmb3yW5s9qhBvEfDho0yOfw5f5U8qcifRRciALm3nP:tSXZdq1AMqbZyNoHOfwJ5U8qLSZLm32K
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0ad4c70c734d53f96e1aec472ff6780e
Files
0ad4c70c734d53f96e1aec472ff6780e.exe windows:4 windows x86 arch:x86
320e4d57afa6debf95c106cccae7c4fd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileW
CloseHandle
PulseEvent
lstrcpyA
CreateThread
lstrlenA
HeapCreate
LocalFree
GetComputerNameA
GetSystemTime
GetCurrentDirectoryA
GetCurrentThreadId
GetModuleHandleA
UnmapViewOfFile
GetCommandLineA
LoadLibraryW
ResetEvent
GlobalUnlock
FindClose
Sleep
user32
CallWindowProcA
CheckRadioButton
IsWindow
DrawEdge
DispatchMessageA
GetCaretPos
CreateWindowExA
GetDlgItem
DrawMenuBar
SetFocus
CreateIcon
FillRect
GetDC
cryptui
LocalEnroll
CryptUIDlgCertMgr
CryptUIDlgSelectStoreA
CryptUIDlgSelectCA
WizardFree
appwiz.cpl
ConfigStartMenu
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 793KB - Virtual size: 796KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE