07cb772e6e09c02bc1433e6c101e74aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07cb772e6e09c02bc1433e6c101e74aa
Size

31KB
MD5

07cb772e6e09c02bc1433e6c101e74aa
SHA1

b3d2b268057b4b601c2aa68dbb8726db44c8e2f0
SHA256

bd92d6be21493e384842816b770cedd0cddb475e79d8d2a141c8bf367ba69d51
SHA512

138cded87f3ce96bf8aaec7d7be5c5d8cbd517efa67c7094af52c264166265eb22ec0de9f7d9dd0fa7bbf1a6e46e316a58e3b114beae7a07624c94a7870aa2c4
SSDEEP

384:RHYGdz6dSv0SekeSprKhm1aIorXQskr3cE0Vr9CjIyf7pkeflL3jB3dll0QVg:BzKgjeT01NElWr7jDDx3jB3dll0QVg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07cb772e6e09c02bc1433e6c101e74aa

Files

07cb772e6e09c02bc1433e6c101e74aa
.exe windows:5 windows x86 arch:x86

87cec21983050bd5cc1ee9a84da358dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
ExitProcess

advapi32

FreeSid

comctl32

ImageList_Add

gdi32

SaveDC

ole32

IsEqualGUID

oleaut32

LoadTypeLib

shell32

SHGetMalloc

user32

GetDC

version

VerQueryValueA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.extra
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ