70bc308c9dc47e3b675c6122589c57c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70bc308c9dc47e3b675c6122589c57c2
Size

63KB
MD5

70bc308c9dc47e3b675c6122589c57c2
SHA1

6966b72cecc65764b04bdc21bf6773a28dbf8a51
SHA256

58b76f574eaab093c54bab3d8d14af296785a8781d0034321d1493c1f8ebf95b
SHA512

402bacdfd9ddff9370942dad5224eeb4aa19758c4846b52ef7ba21778e09f20e2d86c3addfbad41ded02d0899555cd82191b272094179c82da1109b996fa6795
SSDEEP

768:wwTWXqCfZnXeB5+4c1KdhinJ5KGbG49ppa64VMUKjP/eTF2wkhA4kRLx1fjf6UnH:wlFEGaGpaut6KCPL/jfdnqGwaFe84ZPc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70bc308c9dc47e3b675c6122589c57c2

Files

70bc308c9dc47e3b675c6122589c57c2
.exe windows:4 windows x86 arch:x86

3151b1eaff27925af2c4414a00730139

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DnsHostnameToComputerNameA
GetConsoleAliasesW
HeapUnlock
GetConsoleAliasesLengthW
RegisterWaitForSingleObject
GetConsoleNlsMode
SetFileTime
VirtualUnlock
LocalSize
BuildCommDCBA
IsBadHugeWritePtr

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE