Static task
static1
Behavioral task
behavioral1
Sample
c79629afcc688c5aacc77c3ac8936b1d541ad2516c1b4e492ffd5cb291e8be7d.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
c79629afcc688c5aacc77c3ac8936b1d541ad2516c1b4e492ffd5cb291e8be7d.exe
Resource
win10v2004-20230220-en
General
-
Target
c79629afcc688c5aacc77c3ac8936b1d541ad2516c1b4e492ffd5cb291e8be7d
-
Size
1.1MB
-
MD5
07b3f0a6e96cdaf151d93b498f80a657
-
SHA1
292f54a95a841f9320d79005e40a6eb06a407f84
-
SHA256
c79629afcc688c5aacc77c3ac8936b1d541ad2516c1b4e492ffd5cb291e8be7d
-
SHA512
c79d470ead238f2a211796645f545d123db4eb8ba9c3bdcb0e2c26cff4896553fe3432855fec5153da8e7e1ebb787754326dc1d8032617dc3cf4c4e674992364
-
SSDEEP
24576:7bW+w2dCjdOQvaT2r+rJAjjYjWx4i6dwPyAmDyuuN59FoOCqDW:7StgQvaSrrKWV6dwKAmDun9FdCH
Malware Config
Signatures
-
Unsigned PE 1 IoCs
The sandbox's check for a missing Authenticode signature matched: this PE file is unsigned.
Processes:
resource c79629afcc688c5aacc77c3ac8936b1d541ad2516c1b4e492ffd5cb291e8be7d
Files
-
c79629afcc688c5aacc77c3ac8936b1d541ad2516c1b4e492ffd5cb291e8be7d.exe windows x86
b10776349ade5b44bba1004e3c6bef14
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord5277
msvcrt
_setmbcp
kernel32
lstrcpyA
user32
SetCursor
gdi32
PatBlt
comctl32
ImageList_ReplaceIcon
iphlpapi
GetInterfaceInfo
psapi
GetMappedFileNameW
advapi32
RegDeleteKeyA
shell32
SHGetFolderPathW
Sections
.text Size: 92KB - Virtual size: 456KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 936KB - Virtual size: 936KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ