1c30bc701552dbe832108c2a44baa3668d26685049a9a56bc442608963884a28 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c30bc701552dbe832108c2a44baa3668d26685049a9a56bc442608963884a28
Size

16KB
MD5

ce8ca35608055a583480e4af4df4cf46
SHA1

34bb0f9e8630fb0981f3d47346a6e71d49c668d5
SHA256

1c30bc701552dbe832108c2a44baa3668d26685049a9a56bc442608963884a28
SHA512

4472c80d4dd28874943fd4f81b1b4b93ce5841d15bef7e1cacd384e0cf4801e60e522a10274f53beb43dadfc6d36d1fb8c32c9ec03cbb6fc9c70b28ee14d7dcd
SSDEEP

192:R8CngollI+9j+xoMnmAmeVom1oEAfKqXVlUVgzvKbOZeuvAp9t+H:FfDCxA0oidTE4gzvKbOZ7v3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c30bc701552dbe832108c2a44baa3668d26685049a9a56bc442608963884a28

Files

1c30bc701552dbe832108c2a44baa3668d26685049a9a56bc442608963884a28
.dll windows:4 windows x86 arch:x86

8954e66f0efe9d9494f169d11924f9a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
GetTempPathA
CloseHandle
Sleep
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
WaitForSingleObject
CreateProcessA
CreateFileA
ExpandEnvironmentStringsA
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryA
WinExec

mfc42

ord540
ord800
ord5442
ord3318
ord665
ord825
ord6385
ord1979
ord5186
ord354
ord823
ord860
ord2818
ord535
ord858
ord537
ord940
ord6874
ord4204

msvcrt

printf
strrchr
_beginthreadex
rand
__CxxFrameHandler
_iob
sprintf
free
malloc
fclose
fwrite
fopen
srand
__dllonexit
_onexit
_initterm
_adjust_fdiv

ws2_32

WSAStartup

iphlpapi

GetAdaptersInfo

Exports

Exports

Start

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 678B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ