7cd9d3a89e9dfd704675128037c1900a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7cd9d3a89e9dfd704675128037c1900a
Size

92KB
MD5

7cd9d3a89e9dfd704675128037c1900a
SHA1

3ca82a964b20fd923b4019c5de190df6179bdbf0
SHA256

8630907d084036990ac9c6c885eae6da835345cdfb6e9e1d1f51fafbe4258289
SHA512

5d7408ee383bf9dd1fac5d512d99bef52c472f0b75fc7f45e4393b3e466e29df758b72d431ba3ee968cae69742170b104274c8342603e8bfca1c4c15cbbe61ea
SSDEEP

1536:Kf564kCbpPJrZ5ell+fu3EWMpQvzOCW5iAh7kT1DSVTo89q+gHDg6bi:KBNrB5XeL+fu3mQvz/W5VhoTJ6TDA+ob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7cd9d3a89e9dfd704675128037c1900a

Files

7cd9d3a89e9dfd704675128037c1900a
.exe windows:4 windows x86 arch:x86

1c36e8a3d6df2d9a9acd0fad93083935

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
SetLastError
GetVersion
GetConsoleCommandHistoryLengthA
WriteConsoleInputVDMA
WaitCommEvent
SetConsoleIcon
WriteProfileSectionA
GetCommandLineA
GetStartupInfoA
ExitProcess

ntdll

RtlZeroHeap
vsprintf
NtLockFile
strstr
NtReplaceKey

Sections

.rdata
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ