7ca00e0df91b1a9a8971c83af74bd58e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7ca00e0df91b1a9a8971c83af74bd58e
Size

780KB
MD5

7ca00e0df91b1a9a8971c83af74bd58e
SHA1

233aa4a23ee24a9e4aa42dfd0f1d1c72a9de745f
SHA256

2326b03ce15c3c30d56b4f2867f9f485c3253699fd57fb22717a622a393527b4
SHA512

8220d7decb23018052ae4a8f73ee0ee37453f17037bb250927d7df5c814ca735448998dc931d1929bc8982608129b2c57945e0fc33721f3482759335a38b15fa
SSDEEP

24576:7gKQrZN8kAmWB4hTh6L193RQ2Mr+ps8J5ZpF:79QrZN8pmWBP7DqkJ5Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ca00e0df91b1a9a8971c83af74bd58e

Files

7ca00e0df91b1a9a8971c83af74bd58e
.exe windows:4 windows x86 arch:x86

d4ff4e9520d2b9d618be12fecec0c0ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LoadResource
SizeofResource
FindResourceA
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
DeleteFileA
Sleep
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
LockResource
lstrcpyA
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA

lz32

LZCopy
LZOpenFileA
LZClose

user32

MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 777KB - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ