700e6eeede2c4671cdac9dc73b111b8972d3a2f87666551f7cda4df1cdc17696N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

700e6eeede2c4671cdac9dc73b111b8972d3a2f87666551f7cda4df1cdc17696N
Size

10KB
MD5

f5c8739ccdcaa5d6932fa5ca3f503650
SHA1

aa52299d22efc8ec85f213db930c77de700d41a3
SHA256

700e6eeede2c4671cdac9dc73b111b8972d3a2f87666551f7cda4df1cdc17696
SHA512

d874e8a0ca1487c9ee0d0473b37d05cad0265fbb37e305566fb56d8b8fc8acd7a95af302f2317375107780f0371619c2625a2886862355512ad05f7730251ee7
SSDEEP

96:vSf+kue13qJVWW/u2pdmqIYCcjG6wAZTloHxMPUwF14zbNZn/bAKAPEdtmFPmEqa:KfXccwpcyGJgloRRzbLzAD3pmEqYI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
700e6eeede2c4671cdac9dc73b111b8972d3a2f87666551f7cda4df1cdc17696N

Files

700e6eeede2c4671cdac9dc73b111b8972d3a2f87666551f7cda4df1cdc17696N
.dll windows:5 windows x86 arch:x86

410d69fbd81ee32e69c5ef1a1d65b788

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
GetProcessHeap
WriteFile
Sleep
GetSystemDirectoryA
lstrcatA
lstrcmpiA
CopyFileA
GetCurrentProcess
CloseHandle
CreateThread
lstrcpyA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
RtlUnwind
HeapAlloc
lstrlenA
WinExec
CreateFileA

user32

CopyIcon
GetWindowTextA
SendMessageA
LoadCursorA
SetSystemCursor
EnumWindows

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

shlwapi

PathFileExistsA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ