Static task: static1
Behavioral task: behavioral1
Sample: 70f42ac3a29ad50da9afd5c80a068b55.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 70f42ac3a29ad50da9afd5c80a068b55.exe
Resource: win10v2004-20231215-en
General
Target: 70f42ac3a29ad50da9afd5c80a068b55
Size: 101KB
MD5: 70f42ac3a29ad50da9afd5c80a068b55
SHA1: 0455a856f8b5381a2d4d2a81bf07f5167273a80d
SHA256: 8fddb1779ee58b87f8c3e9291b39ad8fdaee7f4a9e14108625ce6bbb6d29da4e
SHA512: c6259bc942e8194a4dbb766bdff48b634974782421055f259664bb523a41323d86fea06fa5f299a93edd8ff5b19b45f859de52d544aecfcef642a59da7b0ac97
SSDEEP: 3072:br2txC8ljUNGNZ+kn4XiNLILkp5HFUTO0lzU4C:0ONA4y4A6lYD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 70f42ac3a29ad50da9afd5c80a068b55
Files
70f42ac3a29ad50da9afd5c80a068b55.exe windows:4 windows x86 arch:x86
28d2ce939f7794f16664236374e3b43c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsBadReadPtr
GetLastError
SetFilePointer
GetWindowsDirectoryA
GetCurrentProcess
CreateProcessA
DeleteFileA
MultiByteToWideChar
GetModuleHandleA
ReadFile
GetTickCount
ole32
CoUninitialize
OleSetContainedObject
OleCreate
CoInitialize
user32
MessageBoxA
UpdateWindow
ShowWindow
SetWindowLongA
TranslateMessage
GetMessageA
GetWindowLongA
CreateWindowExA
DefWindowProcA
DispatchMessageA
PostQuitMessage
GetSystemMetrics
advapi32
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
shell32
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
Sections
.text Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ