706dd2d80164efdc32785a527dced272 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

706dd2d80164efdc32785a527dced272
Size

346KB
MD5

706dd2d80164efdc32785a527dced272
SHA1

a0f4ddac33bb865e6f795ad9724f017c03bfff5d
SHA256

e4c9c9ba924fb1371a34ecd9fc5fc082369855d09ab2b5920e054fa3f23e64ef
SHA512

9094e17c6430222a82e67103aaaa382d76bac6d605aaf97f46f237e9a4874b5100beeb7e9be852c5d2de94283e4619bd2b80748e9c09ca5a4d0c8b42735a7d2f
SSDEEP

6144:YRWdihw0oXih+IIG/fpUyifD7sujTqW9OKmLBWguHt06X:chwZyh9/fp83hqWcbzWz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
706dd2d80164efdc32785a527dced272

Files

706dd2d80164efdc32785a527dced272
.exe windows:4 windows x86 arch:x86

0ad385cc0fe3b9426013e5149b89640d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
FindAtomA
LoadLibraryA
HeapReAlloc
WaitForSingleObject
GetAtomNameA
GetModuleHandleA
GetProfileIntA
InterlockedExchange
GlobalUnlock
GetStdHandle
GetTickCount
GetACP
GetVersion
HeapWalk
TlsGetValue
lstrlenA
GetConsoleCP
CompareFileTime
CloseHandle
TlsFree

user32

CreateCaret
InsertMenuA
ShowWindow
SubtractRect
CopyRect
SetWindowPos
PaintDesktop
ModifyMenuA
MessageBoxA
GetMenuStringA
LoadIconA
TranslateMessage
SetPropA
EnableScrollBar
GetKeyboardLayout
InflateRect
PostMessageA
GetDlgItem
GetMenu
DispatchMessageA
GetWindowTextA
DialogBoxParamA
UpdateWindow
EqualRect
DestroyMenu

msi

MsiGetMode
MsiDoActionA
MsiEnumClientsA
MsiEnumProductsA
MsiCloseHandle

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ