7070f0afbfb40e12119ccff4f2846216eeac0562c102c007292f5871e63db8d9N | Triage

Sharing

General

Target

7070f0afbfb40e12119ccff4f2846216eeac0562c102c007292f5871e63db8d9N
Size

179KB
MD5

f21919b2351ccf826004da31565f85a0
SHA1

d4ae28e8a2db39968848e51efa2b2ab369d1456d
SHA256

7070f0afbfb40e12119ccff4f2846216eeac0562c102c007292f5871e63db8d9
SHA512

e093547c4a6572f5211995912de1f921cfaf188c747f65a9dbbe80fb65a07e0b159d8d8d0c979f2ef35bb3725642c657c3c65c48293c4d4f814653a165226c13
SSDEEP

3072:JV+Wlzxu4C5Qt+XLYZVDzx61EkHsc1vOtKYVSovWw3eTsxbExTVnWoap4m:2WlAQtCmo+kH5ulBvLOQszaOm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7070f0afbfb40e12119ccff4f2846216eeac0562c102c007292f5871e63db8d9N

Files

7070f0afbfb40e12119ccff4f2846216eeac0562c102c007292f5871e63db8d9N
.exe windows:4 windows x86 arch:x86

c55d58516ab8b94df1945dd02ca3b318

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

Sections

CODE
Size: 170KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE