70f5e371e293d8eba9562d8ad6c69807

Sharing

Copy URL Twitter E-mail

General

Target

70f5e371e293d8eba9562d8ad6c69807
Size

185KB
MD5

70f5e371e293d8eba9562d8ad6c69807
SHA1

014460d119a972cf6cae5b970e5fc884a11f56e3
SHA256

60a6d405ffdaa57cdcf0ff5fcad7405b0830bb57e0e73236bea074d1df2efc8d
SHA512

87b3140cd0a14ed23b59f1b2d479899a9357839048ab1b146ebd3f10bb2422045eaa2ff53c2234bf46113195ad50e4e4ad2efe4d0b2688f1a283b131a88832f4
SSDEEP

3072:j4AVHV1x2+3NwtUDByQHjVCYdwFxDnnSejC492:HvNB0QxKDnhC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70f5e371e293d8eba9562d8ad6c69807

Files

70f5e371e293d8eba9562d8ad6c69807
.exe windows:4 windows x86 arch:x86

438245093c3ab71e06dcec18436083fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualAllocEx
GetCommandLineW
GetLastError
LoadLibraryA
GetCommandLineA
GetACP
ExitProcess
IsBadHugeReadPtr
lstrlenA
LocalAlloc
GetModuleHandleA
GetModuleHandleW
GetProcAddress
VirtualAlloc
GetOEMCP
ExitThread

user32

GetActiveWindow
DestroyCursor

gdi32

SetBkColor
CreatePalette
CreateCompatibleBitmap
CreateCompatibleDC
GetPixel
BitBlt
GetRgnBox

comdlg32

FindTextA
GetOpenFileNameA
GetFileTitleA

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES52
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES24
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES81
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES46
Size: 1024B - Virtual size: 866B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES18
Size: 1024B - Virtual size: 977B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES89
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES68
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES44
Size: 512B - Virtual size: 415B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

438245093c3ab71e06dcec18436083fc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

CODE Size: 19KB - Virtual size: 18KB

DATA Size: 152KB - Virtual size: 151KB

RES52 Size: 2KB - Virtual size: 1KB

RES24 Size: 1024B - Virtual size: 982B

RES81 Size: 2KB - Virtual size: 1KB

RES46 Size: 1024B - Virtual size: 866B

RES18 Size: 1024B - Virtual size: 977B

RES89 Size: 1KB - Virtual size: 1KB

RES68 Size: 1KB - Virtual size: 1KB

RES44 Size: 512B - Virtual size: 415B

.rsrc Size: 2KB - Virtual size: 2KB

CODE
Size: 19KB - Virtual size: 18KB

DATA
Size: 152KB - Virtual size: 151KB

RES52
Size: 2KB - Virtual size: 1KB

RES24
Size: 1024B - Virtual size: 982B

RES81
Size: 2KB - Virtual size: 1KB

RES46
Size: 1024B - Virtual size: 866B

RES18
Size: 1024B - Virtual size: 977B

RES89
Size: 1KB - Virtual size: 1KB

RES68
Size: 1KB - Virtual size: 1KB

RES44
Size: 512B - Virtual size: 415B

.rsrc
Size: 2KB - Virtual size: 2KB