c71db0d0b131d37f064add26202d8f6d | Triage

Sharing

General

Target

c71db0d0b131d37f064add26202d8f6d
Size

158KB
MD5

c71db0d0b131d37f064add26202d8f6d
SHA1

dff9b437e160d36e96cd4f63cffe3a78915cd32a
SHA256

b03195872da6c6e6eab73280e48b8646c8368da7862cc0def2c710a40a13e197
SHA512

31655a1b44635550b69996f67c4d2428527561ddb137d1f675f74651d4ced005f2d5948fb3d3c6c5b6b22654d6df581bc25a5a9dd68b305a5d25df3435ed7c13
SSDEEP

3072:qNzdlCLF2/XgnK+sG0oH1iX2r71p1A8ultbxGEUXWVVp0mfBZA/8:+3CLF2/XgnHsIhd4GpXWhj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c71db0d0b131d37f064add26202d8f6d

Files

c71db0d0b131d37f064add26202d8f6d
.exe windows:4 windows x86 arch:x86

8c0b72f818984d057f0eba91933bfe01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileA
SHGetFileInfoA
SHGetFolderPathA
SHFileOperationA
Shell_NotifyIconA

user32

GetMenu
IsWindowUnicode
DrawIconEx
LoadCursorA
DrawEdge
DrawFrameControl

gdi32

GetTextAlign

kernel32

FindResourceA
ExitProcess
LoadLibraryA
lstrlenA
VirtualAlloc
FormatMessageA
FindFirstFileA
GetCommandLineA
FreeLibrary

Exports

Exports

VGU2Q3lM
kN3TeGp8
p1bFodyeP
_j6u3tISZ81O
JA7t03y9
_wTzFtA@16
sLr_QLpur6gC

Sections

CODE
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 679B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ