c71bc5b5169218d509aae9b0c3379256

General

Target

c71bc5b5169218d509aae9b0c3379256
Size

10KB
MD5

c71bc5b5169218d509aae9b0c3379256
SHA1

d4ae272f99f0700e14d42460e754c2fbf94306af
SHA256

e5965974c819e871aa9704daa06b250366aca84d9a99080a4e3933b50364cf46
SHA512

34f864f6c8c0bc321e591d44732ac2194d5af48d4186f8d55eab92573395ae94986a6129dd1b3f1088cbe996455ba2118aeb6502812c69e3388aed16fde2b6d0
SSDEEP

192:XHs5LPucH7t5vGXHtXvxt699d1oynOlRwmfxx:XH4buc55vyt699d1YlRw6x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c71bc5b5169218d509aae9b0c3379256

Files

c71bc5b5169218d509aae9b0c3379256
.exe windows:4 windows x86 arch:x86

14f840e08a68155beef77c502ee019cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??2@YAPAXI@Z
memmove
memcpy
_mbscmp
_mbsstr
sprintf
strlen
fseek
fopen
fclose
memset
_mbsrchr
fread
_EH_prolog
__CxxFrameHandler
strcpy
??3@YAXPAX@Z

msvcp60

?_Xlen@std@@YAXXZ
?_Xran@std@@YAXXZ

kernel32

GetStartupInfoA
GetModuleHandleA
CreateThread
WaitForSingleObject
GetExitCodeThread
DeleteFileA
GetSystemDirectoryA
SetEvent
CreateFileA
GetLastError
Sleep
GetFileSize
WriteFile
GetModuleFileNameA
CreateEventA
OpenEventA
GetCurrentProcess
CloseHandle

user32

TranslateMessage
DispatchMessageA
MessageBoxA
ExitWindowsEx
PeekMessageA

advapi32

RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14f840e08a68155beef77c502ee019cb

Headers

File Characteristics

Imports

msvcrt

msvcp60

kernel32

user32

advapi32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 532B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 532B