0e70cbcbc4e95515ebac2838a1da0e85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e70cbcbc4e95515ebac2838a1da0e85
Size

395KB
MD5

0e70cbcbc4e95515ebac2838a1da0e85
SHA1

1bc711659079e1b4b68bf684c5da6e49eb4859f9
SHA256

2cce549eba72102d50e6756be993757a088e87359fd7a22c8bd90a940d7aaff8
SHA512

2124ad99c3af846f2ac6c04635e02e6602f6ce853f532ecedea8df9afcd33b85ca5bf7667500460244f09857def235a05852ab4004399beed6f0aff34f9617ed
SSDEEP

6144:3GRJG8KMBU+xo2e+5bYwCOMeruVipEMS1BWKak/wGY4mswgIxhX8784glf:3EU+xa8bAe6V1RUKakIGEz8Tsf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e70cbcbc4e95515ebac2838a1da0e85

Files

0e70cbcbc4e95515ebac2838a1da0e85
.exe windows:4 windows x86 arch:x86

12abdf166613e2965fcaf82310fec19d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
LocalFree
GetCurrentThreadId
FindClose
lstrlenA
HeapCreate
lstrcpyA
CreateFileW
LoadLibraryW
PulseEvent
GetCommandLineW
GetComputerNameA
CreateThread
GetSystemTime
ResetEvent
GetModuleHandleA
GetCurrentDirectoryA
GlobalUnlock
UnmapViewOfFile
Sleep

user32

CallWindowProcA
CreateIcon
DrawMenuBar
CreateWindowExA
FillRect
GetCaretPos
DispatchMessageA
GetDC
DrawEdge
SetFocus
GetDlgItem
IsWindow
CheckRadioButton

cryptui

CryptUIDlgCertMgr
CryptUIDlgSelectCA
CryptUIDlgSelectStoreA
LocalEnroll
WizardFree

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 371KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ