7093c6cc9171cd967f162f8cb6528c58 | Triage

Sharing

General

Target

7093c6cc9171cd967f162f8cb6528c58
Size

31KB
MD5

7093c6cc9171cd967f162f8cb6528c58
SHA1

b629b63a060a60c40acc4a21c3c6028b0c9bee84
SHA256

60df71e9c8e080db0258ea03200f164cdd08c32d86cd33f0e94525139230f354
SHA512

e5e35350989a507485781804dd3f77ea3e1312665e321b7e8b56515b360284b713b6a87644a582c8f91e856139f0ab4559920f7a9d72681526bb3298f1521448
SSDEEP

768:aGoMByKL3dgFo/vdWCFsLUds4rkiUbObT3+T29qB6HpzJ:4u/3Ao/4gsL8oVbySKYB6j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7093c6cc9171cd967f162f8cb6528c58

Files

7093c6cc9171cd967f162f8cb6528c58
.exe windows:4 windows x86 arch:x86

58a5a316e03eed803c66ac46069ea26c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wsplitpath
wcsstr
fgets
_vsnprintf
wcscpy
_wcsicmp
_ltoa
_exit
time
__dllonexit
memset

user32

ReleaseCapture
EndPaint
GetDoubleClickTime
LoadAcceleratorsA
InvalidateRect
GetWindowPlacement
TranslateMessage
WindowFromPoint
SystemParametersInfoA
ModifyMenuA

ole32

OleGetClipboard
OleSave
OleCreateLinkFromDataEx
OleLoadFromStream
CoTreatAsClass
CoFreeAllLibraries
CoGetPSClsid
OleInitialize
OleSetMenuDescriptor
OleCreateFromData
OleCreateFromFileEx

advapi32

LookupPrivilegeValueW
OpenSCManagerA
FreeSid
RegDeleteValueA
GetKernelObjectSecurity
GetAce
QueryServiceStatus
LookupPrivilegeNameA
LookupAccountNameA
RegCreateKeyA

kernel32

DeviceIoControl
GetProcAddress
CreateThread
FlushFileBuffers
WaitForMultipleObjects
LocalAlloc
FatalAppExitA
CreateProcessA
GetTickCount
GetLastError
lstrcpyA
GetCurrentThreadId
HeapFree
FindResourceA
ReadProcessMemory
CreateFileMappingA

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ