700b25a17ca70514e52c3ba431d71b62142b4b71a956d0b32f1dea1221ebaada | Triage

Sharing

Copy URL Twitter E-mail

General

Target

700b25a17ca70514e52c3ba431d71b62142b4b71a956d0b32f1dea1221ebaada
Size

2.1MB
MD5

1bb1c17dc83059b988f9bebdbff1e229
SHA1

ed441509380e72961b263d07409ee5987820d7ae
SHA256

700b25a17ca70514e52c3ba431d71b62142b4b71a956d0b32f1dea1221ebaada
SHA512

2e6f9e9ff84335211722f0a19221dd0bf0cf7c24d3dd85edf50845da08037f84c64f150abac613b2d566ef9321bfbbb9ed541ae9fc6cc3f14cb6b4bc2ee7e7ec
SSDEEP

49152:kTIUeZBtIFvrUaeJ1+de3c0QrZDFq27NGsdfV/g/JzautI:kcUeZBVn+MkPq27xbUzK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
700b25a17ca70514e52c3ba431d71b62142b4b71a956d0b32f1dea1221ebaada

Files

700b25a17ca70514e52c3ba431d71b62142b4b71a956d0b32f1dea1221ebaada
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 32KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wtlnlmux
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rwapfscz
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE