7cefcd9f9c68abdfce644d40e9b4f38a | Triage

Sharing

General

Target

7cefcd9f9c68abdfce644d40e9b4f38a
Size

36KB
MD5

7cefcd9f9c68abdfce644d40e9b4f38a
SHA1

624d7fb92650171b1ec0b31256bd8090eed36e8d
SHA256

cc46c10b9d7c14ac2ef70ddd4a6b58d2f2feae6c6bf5e087ad3b360bd3e658cb
SHA512

fa6d887a4567da476723a9924a7987aed71474499c57b90b6691e850063047a5fc012d4c0753178455d39eb2395fb6b607597838f08486cc386b752c9e2c1d6e
SSDEEP

384:wU9OoNL1I94Q5CpkV+svcYEe5JJblqdOI3H+eQwxZ6//WiP9LmSB+cllk:Z9OoNBI9HCRybEKlgOIOdwvm/W0x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7cefcd9f9c68abdfce644d40e9b4f38a

Files

7cefcd9f9c68abdfce644d40e9b4f38a
.exe windows:4 windows x86 arch:x86

e2ac9cfad485f4273c0f2f47ad2530eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetModuleHandleA
LoadLibraryA
FreeResource
WinExec
LockResource
LoadResource
FindResourceA
GetSystemDirectoryA
DeleteFileA
GetTempFileNameA
GetTempPathA
Sleep
CreateThread
MoveFileA
SetFileAttributesA
GetCurrentProcessId
OpenProcess
GetStartupInfoA
TerminateProcess
GetCurrentProcess
WriteFile
CreateFileA
SetFilePointer
ReadFile
CloseHandle
SizeofResource
GetFileSize

user32

wsprintfA

msvcrt

_strcmpi
_stricmp
_controlfp
free
strncpy
malloc
_except_handler3
strrchr
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ