7c4f1a6a13b0c99018f71ef06170fd8f | Triage

Sharing

General

Target

7c4f1a6a13b0c99018f71ef06170fd8f
Size

56KB
MD5

7c4f1a6a13b0c99018f71ef06170fd8f
SHA1

7ab35c057e287438dbb583f7da2d603517db9c0f
SHA256

6009db637bcd3b1020d42b54b15ae137ca44e2913f4489e5b434d6792bf5dab2
SHA512

694ff5a69c7d25a7324f7a0e42dbaf6c81af44ea08709052101068d53f732e2558c505b99c305ea32e510392bfa99b1d913dcdf3abc5146c04f0fb45da5e239f
SSDEEP

1536:k2d98HyIlSx6dnePT32bJ/pUjxCVhiIGMlYy1g:kZ/JdePT3YRoMiIGMlZ1g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c4f1a6a13b0c99018f71ef06170fd8f

Files

7c4f1a6a13b0c99018f71ef06170fd8f
.exe windows:4 windows x86 arch:x86

6af583ea5bd8cf0f5353e516c7af01cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
GetSystemDirectoryA
GetSystemTimeAdjustment
lstrcat
LoadLibraryExA
AddAtomW
WaitForMultipleObjects
MoveFileA
lstrcpy
GetPrivateProfileIntA
NumaVirtualQueryNode

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE