6704d349c7dc15d468abe797798b284c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6704d349c7dc15d468abe797798b284c
Size

8KB
MD5

6704d349c7dc15d468abe797798b284c
SHA1

fdfbae75ff45956118c948b129c8e55682d6cb4c
SHA256

8569053b7f2786ae1a84e1c416fd71eca7c2cf4162485410554d2eb174ac7fb6
SHA512

b446dd46f6882fc739781a8079a62dbd108f3fa300b0b1425487a8c9b717c7adcfdbb4b659fef061f3b31c396ac14e02bc907ab54d9ec201127013ae4960ab90
SSDEEP

96:91noETLLt4OBoETaV1NpfmDP/5krQ0E+nWj2DbEbTj33CCj3s8AXtp:/tVYNpfmD5sQ0E+U2DKD3s8utp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6704d349c7dc15d468abe797798b284c

Files

6704d349c7dc15d468abe797798b284c
.exe .vbs windows:1 windows x86 arch:x86 polyglot

305ff5e970df6be17aaf73a1d324472c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strcat
strcpy
strlen
free
malloc
rand
srand
fclose
fopen
fprintf
fread

kernel32

FreeLibrary
GetProcAddress
GetLastError
Sleep
GetTickCount
FormatMessageA
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetCommandLineA
GetWindowsDirectoryA
SetFileAttributesA
DeleteFileA
CopyFileA

user32

MessageBoxA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA

Sections

_BSS
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IMPORTS
Size: 180B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

imports
Size: 880B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

relocs
Size: 260B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ