70dd89fec51a62f42ea627d7bacffb35 | Triage

Sharing

General

Target

70dd89fec51a62f42ea627d7bacffb35
Size

299KB
MD5

70dd89fec51a62f42ea627d7bacffb35
SHA1

3dc15bd19ad8f1a566005bef374683424e945ec9
SHA256

38b79f05fd31ee5e5d2a5a6e787f4701b1d4a783cf66aee5ea84fddc280a9d4e
SHA512

94a5b60321ce3bc4ed3f6f827314c8fb683143c57e2c459a338fb27ac24f197946426208b2e929525e95dc5ef9e445ffa456b91db396a71f3b8d367d8612264e
SSDEEP

6144:PlGg0U/RG3shgh4L9FwWSOEaViZdvHkXqN7pGcP6BE9Cqa8RT0NK:Ag0UCk9SWSjZdsXqN7pfP+wdRt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70dd89fec51a62f42ea627d7bacffb35

Files

70dd89fec51a62f42ea627d7bacffb35
.exe windows:4 windows x86 arch:x86

1729c5e31bbb406c42a4ecb51e250c44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
LocalUnlock
GetModuleHandleA
UnmapViewOfFile
GetTickCount
HeapCreate
CreateThread
GetSystemTime
CreateFileA
FindVolumeClose
LocalFree
lstrlenA
Sleep
GetCommandLineW
ResetEvent
FormatMessageA
LoadLibraryW
SetLastError
GetComputerNameA
GetDiskFreeSpaceA

user32

DrawMenuBar
GetComboBoxInfo
DrawStateA
CheckRadioButton
FillRect
GetDC
CallWindowProcA
DrawEdge
IsWindow
DispatchMessageA
CreateWindowExA
SetFocus
GetDlgItem

advapi32

RegDeleteKeyA
FreeSid
RegEnumValueA
IsTokenUntrusted
RegCloseKey

hdwwiz.cpl

AddHardwareWizard

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ