cc0c70a73251af6d3cb371fc817f78cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cc0c70a73251af6d3cb371fc817f78cb
Size

31KB
MD5

cc0c70a73251af6d3cb371fc817f78cb
SHA1

8ff50a3cf6e05ac22c90893855e17850e53b0839
SHA256

4d23a93c7a255354da8cc73f7a89922ec164f24b52e48b3a1de5185fab728ff5
SHA512

d584e0de902535bdfaf05e43cd53e256dd05ec728f8e303a8768d0eb97da9027204d658f8b8cdffc3cf792f33bef970ffe3a68067bc1798bd90bebebfd5e7496
SSDEEP

768:wE/Gnrd0Alyju4yLMxcRXkbwJDVL48mTar:Z/G1NL2G0bwJDV4hur

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc0c70a73251af6d3cb371fc817f78cb

Files

cc0c70a73251af6d3cb371fc817f78cb
.exe windows:4 windows x86 arch:x86

a8338f83aab0477533436514027a4b1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleDuplicateData
CoLockObjectExternal
CoRegisterClassObject
CoFreeAllLibraries
OleDoAutoConvert
CoFreeUnusedLibraries
OleRegEnumVerbs
CoReleaseServerProcess
CoIsOle1Class
CoGetStandardMarshal

kernel32

WriteConsoleW
GetCPInfo
GetEnvironmentStrings
GetLastError
HeapCreate
GetCurrentThreadId
VirtualAlloc
lstrcpyA
SetStdHandle
SetFilePointer
FileTimeToLocalFileTime
GetSystemDirectoryA
InitializeCriticalSection
MultiByteToWideChar
SetPriorityClass
ReadFile
GetStartupInfoA
SizeofResource

gdi32

GetTextMetricsA
BitBlt
StartDocA
SelectObject
SetTextAlign
GetObjectA
StartPage
ExtTextOutA
Ellipse
Rectangle

msvcrt

rand
strcspn
memmove
free
atol
wcsncmp
_stricmp
exit
__mb_cur_max
_wcsnicmp

advapi32

LookupPrivilegeValueA
MapGenericMask
OpenServiceA
RegOpenKeyA
RegQueryValueExA
GetAce
AllocateAndInitializeSid
SetKernelObjectSecurity

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ