c70e0b57d8db025de6995f5715ed6e6b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c70e0b57d8db025de6995f5715ed6e6b
Size

59KB
MD5

c70e0b57d8db025de6995f5715ed6e6b
SHA1

6485f94516c61d2a38a7820b0d2490f509c69a46
SHA256

84c26ac070f5c5d9ac6d985c4504287efc725345efe296d47f5f058f66297019
SHA512

a62caea16f7aea8e9f86885df080abd1fdbb21419746dd6929e820be563fb53f46d2a96ceed2844d3d04f1bc1ad26d6fbbb7c1efde73870a4c4e7b812171898a
SSDEEP

1536:N8sDmjpd9i/3uPmNFp+5ncSMt84OBEetBxF:N87jpd9i/e+NP+5PYOKk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c70e0b57d8db025de6995f5715ed6e6b

Files

c70e0b57d8db025de6995f5715ed6e6b
.exe windows:4 windows x86 arch:x86

233d43c85d3e6d8c909589d1c7274413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetCursor
LoadImageA
GetMessageA
DrawTextA

kernel32

SetEndOfFile
lstrcmpA
WriteFile
VirtualAlloc
TlsSetValue
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
Sleep

ole32

CoInitializeSecurity
OleCreateLink
WriteClassStg
CoGetCurrentProcess

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

code
Size: 17KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE