fc7aaa09ad20384666ee9f72094c5003 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc7aaa09ad20384666ee9f72094c5003
Size

131KB
MD5

fc7aaa09ad20384666ee9f72094c5003
SHA1

1dcdcca11dedcee00d73ac9d97e0012aa4dd1d1a
SHA256

e57af2a1f6b6c3a1de2a0e62fbcee4877953d6aeb179d392c267dd99edc0b744
SHA512

81710accff93d2f9761b6f2dd05c501ad001b3a5d2c862377edec4687a84e855f0a67eed57fe5ec64e17add405a9e3ba6099d519768ce7bcd942c9e3be9eb45e
SSDEEP

3072:wQFHCS3oIU157MVbHtLnWWyqMdyrOjUlrCOTzffu6J2N7o9y:wQwS9tHtD3bMdGuIz3u22N+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc7aaa09ad20384666ee9f72094c5003

Files

fc7aaa09ad20384666ee9f72094c5003
.exe windows:4 windows x86 arch:x86

800920539297009554cb80c35e3695f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

ReleaseStgMedium
CoUnmarshalInterface
StgOpenStorage
CoDisconnectObject
CoCreateFreeThreadedMarshaler

shlwapi

PathGetCharTypeA
PathIsContentTypeA
SHQueryInfoKeyA

kernel32

VirtualAllocEx
LoadLibraryA
GetDateFormatA
GetCommandLineW
GetCurrentThreadId
IsBadHugeReadPtr
GetDiskFreeSpaceA
ExitProcess
GetEnvironmentStrings
GetFileAttributesA
GetFileSize

gdi32

GetClipBox
CreateDIBitmap
GetPaletteEntries
SelectPalette
GetPixel
GetBkColor
SetPixel
GetTextAlign
CreateDIBSection

user32

IsDlgButtonChecked
EnableWindow
GetMenu
CreateMenu
GetMessagePos
GetScrollInfo
GetPropA
GetParent

Exports

Exports

BZwt7huAvh7
_hesfXmT2
_Za1mnA_SRHSSH
ZhPnlcm1W_@8
_7Y5hBarb1rra5

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ