7692a53c784a8d8c5c48b8aa2370b7a502e0ffd921be8e10a5787bb7649532ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7692a53c784a8d8c5c48b8aa2370b7a502e0ffd921be8e10a5787bb7649532ed
Size

1.1MB
MD5

8ed1f77717a9ecf1ef0be65d97de210a
SHA1

1b96010cd1a3c5edd95d4b5584a76ba1fc75182a
SHA256

7692a53c784a8d8c5c48b8aa2370b7a502e0ffd921be8e10a5787bb7649532ed
SHA512

852462d85708aef2e7d9a13f5eb86cfbb31aa4da9191f785ca077678d23ef6c6a5fc77e331ad1d6da6332c410dc095abd466b791a9a02807e7c8b3776dd2c702
SSDEEP

24576:SiUMGe/7jIh9OggtZYny+JltROCQ6vTD0MWT3+J6VFkS8AzWE:SYG0jhgyYn9lPzQ6/BWe6jkfE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7692a53c784a8d8c5c48b8aa2370b7a502e0ffd921be8e10a5787bb7649532ed

Files

7692a53c784a8d8c5c48b8aa2370b7a502e0ffd921be8e10a5787bb7649532ed
.exe windows x64

c57e4f526395288c8406444b38b1e657

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrStrA

user32

GetDC

gdi32

BitBlt

advapi32

FreeSid

shell32

SHChangeNotify

oleaut32

OleLoadPicture

version

VerQueryValueW

setupapi

CM_Get_Parent

Exports

Exports

LoadEnvi
MemoryCompare
MemoryCopy
MemorySet
WndProc1
WndProc1_
WndProc2
WndProc2_
WndProc3
WndProc3_
dllMain_Name
main
main1
main5
mainB
mainB_
mainW
main_

Sections

.MPRESS1
Size: 508KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 622KB - Virtual size: 622KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE