1c7cc9273e104ac2ae931f17965739fc | Triage

Sharing

General

Target

1c7cc9273e104ac2ae931f17965739fc
Size

38KB
MD5

1c7cc9273e104ac2ae931f17965739fc
SHA1

c92902a328d6674984000a3fcd04e6c192db3ad2
SHA256

5a0fd1e069731a65fd3204a832049d59807daf9ac0a8afa7ff46ae1a2ff4f5f3
SHA512

d94b8b4eb6228fd87573945615c3436f9165848bfcf1f4760cd07383acb9762cd68107d723d3c0a547c942ca186691f314fc555b76481eddc9d215b52e0b809f
SSDEEP

768:C+rLjrh+kfx3Z213DGIsvuzdl3fdmzbtlDZ9rukwRHF1MFz:C+rLjV+Gx3Z2137sGzdlPdOtRZ9Ru0Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c7cc9273e104ac2ae931f17965739fc

Files

1c7cc9273e104ac2ae931f17965739fc
.exe windows:4 windows x86 arch:x86

d9875eacdc6ab398bb3dfb4ae164431d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtCreateKey

kernel32

VirtualAlloc

msvcrt

_except_handler3

ws2_32

WSAGetLastError

dhcpsapi

DhcpDsInit

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE