705083cad2eeac4fc77724a7784f37ff | Triage

Sharing

General

Target

705083cad2eeac4fc77724a7784f37ff
Size

64KB
MD5

705083cad2eeac4fc77724a7784f37ff
SHA1

b4906c25bc70c42ea8b751a60dc68fac8ce60931
SHA256

c6e5a2821c721282f20feca3ea4ed6fb7f95cbe2130b7243fe596630dc55ce48
SHA512

7d16143ee5a3d4e5116ed90fef5bd15bacdaf5a8f87dc0b13562551cb3a4030b077bf40a3827812509af78ac1ea4d99be8c8aa0019c39c6731cc18b937338749
SSDEEP

1536:Ij5AtBwKc2nfYNhkAhVcuvjd9Abd5zUEKoqRwX:I0BJc2fYnVcuW/tKo9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
705083cad2eeac4fc77724a7784f37ff

Files

705083cad2eeac4fc77724a7784f37ff
.exe windows:4 windows x86 arch:x86

6a3909891b37c0af0de26a520854b428

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetContextToken
CLSIDFromProgID
CoTaskMemFree

kernel32

VirtualAllocEx
WriteFile
WideCharToMultiByte
VirtualQuery
ExitProcess
LoadLibraryA
lstrcpyA
GetLastError
WaitForSingleObject
GetOEMCP
IsBadHugeReadPtr

oleaut32

SysAllocStringLen
SysFreeString
SafeArrayGetUBound
GetErrorInfo
SafeArrayPtrOfIndex
VariantCopyInd
SafeArrayCreate
SafeArrayUnaccessData
OleLoadPicture

gdi32

SaveDC
SetBkColor
GetTextAlign
RestoreDC
LineTo

user32

GetMenuStringA
GetMenuState
GetMenuItemCount
GetCursor
CharUpperA
GetMenuItemInfoA
GetTopWindow
GetMenu
GetMenuItemID
GetMessagePos

Exports

Exports

_S2ZtYr85Y0I
_TsFaEyYFPAXLpH@8
_cmq4jT@20
_hNpV1AhV
_S9TdwxT8Z8v@24

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ