079f7004c2718b4c0f05607ec5db87e9 | Triage

Sharing

General

Target

079f7004c2718b4c0f05607ec5db87e9
Size

17KB
MD5

079f7004c2718b4c0f05607ec5db87e9
SHA1

da461570bc1f5ec16abd748d44e4835263cc156c
SHA256

015ee3c3633b15d5d26f2f710192216937222d62b6be2957ca893761c8417991
SHA512

f99f3664ddb47cab132ebffe819941d155ccb3b979757f7d7f0a8ab379f72a92c4702c2aa9b75b7321cbd87f40eadcbe2f262849e53c2ab5499fd91bfcf97606
SSDEEP

384:3p+kDg5bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb3:3p+Mg5bbbbbbbbbbbbbbbbbbbbbbbbbb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
079f7004c2718b4c0f05607ec5db87e9

Files

079f7004c2718b4c0f05607ec5db87e9
.exe windows:4 windows x86 arch:x86

b6a0b0e7f8a365f51a708f3f3e47b7e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetVersion
lstrlenA
CompareFileTime
WaitForSingleObject
VirtualProtect
WaitForMultipleObjects
CloseHandle
SuspendThread
LoadLibraryExA
GetCommandLineA
HeapReAlloc
GetSystemDefaultLangID
HeapCreate
GetConsoleDisplayMode
GlobalUnlock
GetModuleHandleA
InterlockedExchange
GetConsoleCP
LocalSize
GetAtomNameA

gdi32

GetMetaRgn
EndPath
FloodFill
DeleteDC
CreateFontA
BeginPath
GetMetaFileA
EngLineTo
DeleteObject
Escape
GetStringBitmapA
Ellipse
GetRgnBox
CreatePalette
GetFontData
EqualRgn
GetTextColor
AbortPath
CreateICA

rastapi

DeviceListen
AddPorts
DeviceDone
PortClose
DeviceConnect

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ