Static task: static1
Behavioral task: behavioral1
Sample: 70d08033e250a31468c680392fd6af62.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 70d08033e250a31468c680392fd6af62.exe
Resource: win10v2004-20231215-en
General
Target: 70d08033e250a31468c680392fd6af62
Size: 41KB
MD5: 70d08033e250a31468c680392fd6af62
SHA1: ca09477b060902617aa1d22e7870ed177e8977f2
SHA256: e1751c25c70212e260d4ecb340fc2e6985e418b43ae3961fbf46eb8e68643650
SHA512: 10dd081e3f8e0393aff924e084269a4b980191ccf25a0d74da5e356c21e4847eacdec9c6caac236ff0a66cc4b4b3ddd4e2302427399b604b1f38ef3bde50d74f
SSDEEP: 768:dWOCsHnLjaddRWLu0fKiFrB2njt/cGonnrYMa7AifsD:dWOCsHnHaTRWL1iQrBKjh+nnr+YD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 70d08033e250a31468c680392fd6af62
Files
70d08033e250a31468c680392fd6af62.exe windows:4 windows x86 arch:x86
edb5c9acd20a3611617acc80999c58cd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapReAlloc
WaitForSingleObject
HeapCreate
GetAtomNameA
GetUserDefaultLangID
ResumeThread
GetModuleHandleA
CompareFileTime
InterlockedExchange
LoadLibraryExA
GlobalSize
GetVersion
SetLastError
GetTickCount
GetConsoleCP
GetCommandLineA
GlobalUnlock
lstrlenA
WaitForMultipleObjects
GetConsoleDisplayMode
VirtualProtect
user32
GetWindow
GetDC
GetClassNameA
CreateIcon
GetTitleBarInfo
GetParent
DragDetect
GetCursorPos
BeginPaint
ShowWindow
FillRect
GetFocus
AnyPopup
SetForegroundWindow
FrameRect
wsprintfA
EndPaint
DrawTextA
ReleaseDC
rastapi
DeviceListen
AddPorts
PortClose
DeviceDone
DeviceConnect
quartz
DllGetClassObject
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 522B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE