70763dd919d550308de3bd787fe8a76b

General

Target

70763dd919d550308de3bd787fe8a76b
Size

77KB
MD5

70763dd919d550308de3bd787fe8a76b
SHA1

2f124b4748cb49836f6b98c09b281c1f7b1f6b99
SHA256

40a80dbaf0ce25dfe502ec45190e1bbd49a89e24f85d90983eb58f1f4899766a
SHA512

4c3e03e44d15d4c8ab716fe324e51c5729f0fb86b2db3c793ee5c3890bd1dc7e54984f6a6fb87323336f48247ef40cec2712e4d9b45eaf069d5e5447a0f33e38
SSDEEP

1536:ZDfrz9fLNzcIq8lpr5jlsJM+60aECWpHuCQk8TZbCrJOWhA/R8/WD:lZNcJ+pr5j6JHGaQk8lb+JOW8RCK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70763dd919d550308de3bd787fe8a76b

Files

70763dd919d550308de3bd787fe8a76b
.exe windows:5 windows x86 arch:x86

16c60eb75fea734ef0b7feaa5b92f950

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetLastError
OutputDebugStringA
GetTickCount
VirtualProtect
VirtualQuery
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
QueryPerformanceCounter
GetCurrentThreadId
IsDebuggerPresent

user32

MessageBoxA

msvcr90

_except_handler4_common
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
malloc
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_invoke_watson
_controlfp_s
free
wcsrchr
??3@YAXPAX@Z
strstr
memcpy
??2@YAPAXI@Z
strtok
exit
memset
_initterm
_stricmp

ws2_32

gethostbyname

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16c60eb75fea734ef0b7feaa5b92f950

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcr90

ws2_32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 85KB - Virtual size: 85KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 85KB - Virtual size: 85KB