7c9b2476c61c50b47547a3234646be60 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c9b2476c61c50b47547a3234646be60
Size

56KB
MD5

7c9b2476c61c50b47547a3234646be60
SHA1

a32ce1c93b87f3554adde60f7f5c1694c9bf5173
SHA256

dbac68b7a85363e4dd77c269f28c2e7257455faa382def8016dd47ed4493797c
SHA512

28f338231667344abe5ea79c9971a037636cf726900c2604e2ac08abe06c7834c5fa0cdaeab3e0651f55496f8daa207fdf2bd303b583d2813709a0b1ecc2b8e8
SSDEEP

768:eYoaUMuau6A/RpFQ4TfOHoOVmvHUqIaP/NaSHd85Q5r9RSCi2vkewfTTmzmSxEXO:EnRLvZnIaPTO0rOCjvwClYsGG86

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c9b2476c61c50b47547a3234646be60

Files

7c9b2476c61c50b47547a3234646be60
.exe windows:4 windows x86 arch:x86

e0a445309f348de28b82786bdda5e14c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleTitleA
GetCommandLineW
BackupRead
CommConfigDialogW
WriteTapemark
GetStartupInfoW
_hwrite
GetCompressedFileSizeW
SetDefaultCommConfigW
PurgeComm
lstrcpy
CreateProcessA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE