70939c3d8223514a78106de7b867ef99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70939c3d8223514a78106de7b867ef99
Size

169KB
MD5

70939c3d8223514a78106de7b867ef99
SHA1

d34287001d3c3014bf1db1bcf5ce5b553cb1f42f
SHA256

3fa0d435b6d2c3082f64e4a54780e504e1a0b2596fb20e443772d6b2681816fa
SHA512

a84f5e728e8222e715d3a70efa347d3e2c47087ad438a7b374efd0d509f9057e13fbd9fc287cba25469840a3cce967890b795fce98d669b15d9876e550895ede
SSDEEP

3072:CkPWFc72c/wft0Hc18o9CTQxv7ObMMW+Nh0yyErL0gNZcW3rDBE:CIWFc7TQ0Q8o9MQB7OoKNHBrL09W3r+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70939c3d8223514a78106de7b867ef99

Files

70939c3d8223514a78106de7b867ef99
.exe windows:4 windows x86 arch:x86

66fb55b1527f16d3ee3b50395c0ac655

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
FreeLibrary
GetModuleHandleW
WritePrivateProfileStringW
Sleep
FindFirstFileW
lstrlenW
LoadLibraryW
LockResource
LoadLibraryA
MulDiv
DeleteCriticalSection
LoadResource
EnumResourceTypesA
GetPrivateProfileStringW
GetTickCount
FindClose
GlobalSize
InitializeCriticalSection
MultiByteToWideChar
GetDllDirectoryW
GetModuleFileNameW
GetVersionExW
GetVersionExA
GetProcAddress
GetPrivateProfileIntW
GetLocaleInfoW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

shell32

DllGetVersion
SHGetPathFromIDListA
SHFileOperationW
SHGetFileInfoA
ShellExecuteExW
SHBrowseForFolderA
ShellExecuteExA
ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
Shell_NotifyIconA

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ