Static task: static1
Behavioral task: behavioral1
  Sample: 70c43792a114e130ec1d9203243ff2a7.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 70c43792a114e130ec1d9203243ff2a7.exe
  Resource: win10v2004-20231215-en
General
  Target: 70c43792a114e130ec1d9203243ff2a7
  Size: 49KB
  MD5: 70c43792a114e130ec1d9203243ff2a7
  SHA1: 8683158801ed3037f576cc8928a3460ddc08d038
  SHA256: 50e5621d8e763c8a1d12fe514ec0f6d28196b59e3ce4848be127b3fbeef72ed5
  SHA512: 91634912ac3c4cce85fbe384537464b2a72cf4bfaa8540d41afe07a8dde748978ff124eee658a671da58b4ce22c4e5b645b827df802eeafbaa4e079605b2263b
  SSDEEP: 768:0AO50P51APTjk/Q34yUPULYG7V0JhIHrSVn+PA3DNsE4i8ncOGsV:0350gA/Q34KLYosSHrSdRpsvi8ncfsV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 70c43792a114e130ec1d9203243ff2a7
Files
70c43792a114e130ec1d9203243ff2a7.exe windows:4 windows x86 arch:x86
0f57c7765f877e68d430ea4d36f1d48b
Headers
  File Characteristics
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32
    CallNamedPipeA
    CreateMutexW
    CreateProcessW
    DefineDosDeviceA
    ExitProcess
    GetExitCodeThread
    GetFileTime
    GetProcessPriorityBoost
    GetShortPathNameA
    GetShortPathNameW
    GetVersionExA
    OpenProcess
    SetTapePosition
    WriteProfileSectionA
    WriteProfileStringW
  advapi32
    AccessCheckAndAuditAlarmA
    BackupEventLogW
    BuildImpersonateTrusteeA
    CreatePrivateObjectSecurity
    CryptDuplicateKey
    CryptGetUserKey
    CryptSetKeyParam
    CryptSignHashW
    NotifyChangeEventLog
    ObjectCloseAuditAlarmA
    OpenThreadToken
    RegOpenKeyW
    RegReplaceKeyW
    RegisterEventSourceW
    ReportEventW
  user32
    BeginDeferWindowPos
    DefFrameProcA
    DefMDIChildProcW
    DrawCaptionTempA
    DrawMenuBarTemp
    ExitWindowsEx
    GetMenuItemInfoA
    GetMenuState
    GetWindowInfo
    LoadImageA
    LoadMenuW
    MoveWindow
    OpenWindowStationA
    SetUserObjectSecurity
Sections
  .text Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .data Size: 48KB - Virtual size: 52KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE