ad703ecac386a14743f398229356f7786a433bbef1262683a00503bd7b94ef35 | Triage

Sharing

General

Target

ad703ecac386a14743f398229356f7786a433bbef1262683a00503bd7b94ef35
Size

20KB
MD5

b9e7fd6e4d1a41dc00f8c538df1bf634
SHA1

b45c57d486e0b8dd30a773c6aba88e7d92796900
SHA256

ad703ecac386a14743f398229356f7786a433bbef1262683a00503bd7b94ef35
SHA512

aef08b45399c62e3260efee35c45117683cc7229ec2697b4db4f2d597d1c3528c4ded22a0da61dea017d7942064289b65c21ff1cb44b8f63cf5b0c7eb48ae3e8
SSDEEP

384:FaRDOvL3QfH58M48hwU8TpBUKiPGds7CZIn/+uErpV3r1d:dvTQf548hX88Mp3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad703ecac386a14743f398229356f7786a433bbef1262683a00503bd7b94ef35

Files

ad703ecac386a14743f398229356f7786a433bbef1262683a00503bd7b94ef35
.dll .vbs windows:4 windows x86 arch:x86 polyglot

86b7e66b700b7a36d2def873eb2bb54e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

malloc
_initterm
strcat
free
_adjust_fdiv
strcpy
strchr
strcmp
strlen
toupper
isdigit
atoi
isspace
strstr
_strcmpi
_stricmp

kernel32

GlobalFree
GetVersion
GetModuleFileNameA
GetPrivateProfileIntA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalHandle
GetPrivateProfileStringA
WinExec

user32

SendDlgItemMessageA
DestroyWindow
wvsprintfA

Exports

Exports

HotSpot
NewHotspot

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 843B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ