70d5d5d65682cc3a1fffe83afe325478 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70d5d5d65682cc3a1fffe83afe325478
Size

19KB
MD5

70d5d5d65682cc3a1fffe83afe325478
SHA1

91996b40b3aa079dd47cffec35dfc3b83c6ec0be
SHA256

ba5554e9578e73102be86822f8c451bc8a4aef503d12bcbcbc834fe686bc31dd
SHA512

157a0b27e17b4ad5a51bca46216fcf4e4203827f09610b7299ff22337c26f241438ac42b608fbf30a25b3fb26846a2dbc8b2770a1092d8547b10cc5c723be218
SSDEEP

384:+zrzpyZu/+qHsbY93d22+ZHONkQEsP8hV1JQOxpQQtcawxYM5:SrVMQkxv/A+V1JQIqQA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70d5d5d65682cc3a1fffe83afe325478

Files

70d5d5d65682cc3a1fffe83afe325478
.exe windows:4 windows x86 arch:x86

bd1c8a36deb47c9263321b0cc0b9d68e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
PostThreadMessageA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
InitializeCriticalSection

advapi32

CreateServiceA

Sections

.text
Size: 19KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE