Static task: static1
Behavioral task: behavioral1
  Sample: 70bfe187a2a056282b5e4419449262f4.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 70bfe187a2a056282b5e4419449262f4.exe
  Resource: win10v2004-20231215-en
General
Target: 70bfe187a2a056282b5e4419449262f4
Size: 65KB
MD5: 70bfe187a2a056282b5e4419449262f4
SHA1: 21060ed51f26f69985fc9db166ba4ef0ea9a4a55
SHA256: 18deba59b8b4deeca4eb75f5ebb82f1e61fa920eaeee256e0def3bca8a65c67c
SHA512: ce6b8d3a7cf0c72e7801f6c00946d1b4682a907a9fd708d4cd14e9f25bd307102d5d3b2179a82a3ea4d13d3dcf650897a716b712e5725a836a545a4105614014
SSDEEP: 1536:1QHmA/azuzw33WoLJuunIJk1d1RYSjD0dUoigM:1WjC603PLJ+k1RYGMUoM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 70bfe187a2a056282b5e4419449262f4
Files
70bfe187a2a056282b5e4419449262f4.exe windows:4 windows x86 arch:x86
99e450c379971759871e0d3f6b9ad53d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHGetSpecialFolderPathA
msvcrt
_adjust_fdiv
__p__commode
__p__fmode
__setusermatherr
_except_handler3
_controlfp
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
time
srand
rand
sprintf
memset
memcpy
__set_app_type
kernel32
GetStartupInfoA
WritePrivateProfileStringA
FindResourceA
SizeofResource
LoadResource
FreeResource
IsBadReadPtr
VirtualAlloc
LoadLibraryA
GetProcAddress
VirtualFree
LocalAlloc
LocalFree
GetModuleHandleA
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 60B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ