170cff69b602c1ae16a718fd85bd0a3a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

170cff69b602c1ae16a718fd85bd0a3a
Size

3KB
MD5

170cff69b602c1ae16a718fd85bd0a3a
SHA1

817087876422949824efb8bc321a07780a13f29a
SHA256

c06a70f547be02420cd50d78b578f51910df88633f210b715e95182b155ad9f2
SHA512

9699cf61bdeab43f47d77db5b789ba1cc5c16b821c8b21a054302b261db6cc5a1717351d68906627eaa463b5f678dcdd060d7af4d80efc5e454f813a872d8e40

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
170cff69b602c1ae16a718fd85bd0a3a

Files

170cff69b602c1ae16a718fd85bd0a3a
.exe windows:4 windows x86 arch:x86

bf888fa6b8c24b39a581a5e707a66323

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetTempFileNameA
GetTempPathA
GetVersion
CreateToolhelp32Snapshot
Process32First
Process32Next
Sleep
VirtualAllocEx
WriteProcessMemory
lstrcmpiA
lstrlenA
CreateThread
CreateRemoteThread
OpenProcess
CreateProcessA

advapi32

RegOpenKeyExA
RegDeleteValueA
RegSetValueExA

urlmon

URLDownloadToFileA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE