700b6fad677ba93c7c11d536ba4e571d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

700b6fad677ba93c7c11d536ba4e571d
Size

182KB
MD5

700b6fad677ba93c7c11d536ba4e571d
SHA1

68089866538a0e19997601a6a6f3dc53a5f67bb8
SHA256

fe89bf8096e9ff92521421bca6f3034966f3b0650e60f7dd2994544a590341ae
SHA512

c0c76812fc81f5932d982f2db0ce9405f77919aa83be0336db41b2c3e5a1c7947ba3dc6e988802ff21464e7e16456c440ee7431b09a3664d0fd1a844cc882dab
SSDEEP

3072:1yCtyMcuHpeUjq+YEUQQGYdK3XXutEnamza6CDpf+QDxTjQkM1IDY1DgsYP:1yCtWuH7BGGNXutHmXCDpf+QDxTEdGak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
700b6fad677ba93c7c11d536ba4e571d

Files

700b6fad677ba93c7c11d536ba4e571d
.exe windows:4 windows x86 arch:x86

cd532e089e5501502f67ad726d39430d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICSendMessage
ICOpen
ICClose
ICDecompress

kernel32

GetProcAddress
CreateFileA
GetShortPathNameW
LocalFree
UnhandledExceptionFilter
GetProcessTimes
GetModuleHandleA
SetUnhandledExceptionFilter
IsDebuggerPresent
EnumResourceTypesA
CloseHandle
GetCurrentProcessId
GetLastError
ExitProcess
GetCurrentThreadId
InitializeCriticalSection
LoadLibraryA
DeleteCriticalSection
GetVersionExA

user32

wsprintfA
wsprintfW

ole32

StgCreateDocfile
StgOpenStorage

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ