7014a560e437d017f36f9e588cc83d5c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7014a560e437d017f36f9e588cc83d5c
Size

166KB
MD5

7014a560e437d017f36f9e588cc83d5c
SHA1

f760f0392e117816a891974935a6c0a350db2c77
SHA256

91a92767a5ed0b367d145c77848314b632249b12d405d8283626cd9776e35ce2
SHA512

898b466ebe468d53cf69479605febc885a9324ba7adbf6845940ac5d22861d15ffaa49000bd6427220a47944a46f77e88cf958589266536cc783fe6f5b8bc1ae
SSDEEP

3072:4qwVEpvZ3I7X5sHYXEnBsvKlkSqnmg7O2NhMF6CRDi47J9GySgWLvm/t:F3I7XyHLqLBmg7O2NhRv4lSgWTm/t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7014a560e437d017f36f9e588cc83d5c

Files

7014a560e437d017f36f9e588cc83d5c
.exe windows:4 windows x86 arch:x86

a45fa05fed52ddad91142c05b5d7c5fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelW
CreateNlsSecurityDescriptor
FindResourceA
GetConsoleAliasExesLengthA
SetConsoleNumberOfCommandsA
OpenSemaphoreW
CreateHardLinkA
QueryDosDeviceW
InterlockedDecrement
GetExpandedNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 59KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE