7c2164ab54c1f4a9da3e98f722754e7c | Triage

Sharing

General

Target

7c2164ab54c1f4a9da3e98f722754e7c
Size

21KB
MD5

7c2164ab54c1f4a9da3e98f722754e7c
SHA1

741382f4df2a46f339c237b85035f7d1bfa800bc
SHA256

7de113ecff6ccaaa9fe1a7ec3d035a772913cc1e7f9465740222092ff3b2709d
SHA512

b239b6a5a974c43182b98e127aa867981872cdfcbddef0ccb3b7371d1729fc7bb522e275336a95869bb3d39acfa65d9af4ff2bbc832141c81d37ccf5276b9aac
SSDEEP

384:a5agPHzZhpDLPqKYtuIJuHJ8hkkYASHfktoXxQ:PgvzDR7uthAHWkvHfXO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c2164ab54c1f4a9da3e98f722754e7c

Files

7c2164ab54c1f4a9da3e98f722754e7c
.exe windows:4 windows x86 arch:x86

c2112e3aecc832131fc28b790b307223

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA
ChooseFontA

kernel32

GetSystemTimeAsFileTime
ExitProcess
TerminateThread
WaitForSingleObject
WriteConsoleW
CreateFileA
GetLastError
WritePrivateProfileSectionA
VirtualAlloc
CreateFileW
GetTickCount
GetProcAddress
WritePrivateProfileStringA
WriteConsoleInputA
QueryPerformanceCounter
SleepEx
TlsFree
GetCurrentProcessId
TerminateProcess
WaitForSingleObjectEx
WriteProfileSectionW
CloseHandle
GetCurrentThreadId
GetCurrentProcess

advapi32

AccessCheckByTypeResultListAndAuditAlarmByHandleW
NotifyBootConfigStatus
AccessCheckByTypeAndAuditAlarmA
AddAccessAllowedAce

Sections

BSS
Size: - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1014B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ