777814ac9be3f076d2dcbca6074d1cbc1efd19f43c925673c7f279c848a2e1fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

777814ac9be3f076d2dcbca6074d1cbc1efd19f43c925673c7f279c848a2e1fb
Size

104KB
MD5

5fc5c00477921c0fc498ddf2adf7318b
SHA1

a455707497f89353f371cfa493a0a6b6de1bf245
SHA256

777814ac9be3f076d2dcbca6074d1cbc1efd19f43c925673c7f279c848a2e1fb
SHA512

a5292f9368d0f640f9d6cf0387dd4a4c3526c602a424671387b4c014e774f8c17221b95aa50ba0e403084298f90044c54df52ed25e13b0630fb19254488fcc73
SSDEEP

1536:rSFORvzKlDowI25JhhDG3HTuPwh1ZcmNyQknppa+cYeXdmmgAQ1WImO6/R3xhH9a:GFOR79w75zI3HaPm1tXkpyYAmmgAGmFU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
777814ac9be3f076d2dcbca6074d1cbc1efd19f43c925673c7f279c848a2e1fb

Files

777814ac9be3f076d2dcbca6074d1cbc1efd19f43c925673c7f279c848a2e1fb
.exe windows:5 windows x86

ca7bed2d99db7f7db37cdb4a429a66e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ntdll

_wtoi

ole32

CreateStreamOnHGlobal

shlwapi

StrStrA

user32

wsprintfA

winhttp

WinHttpOpen

Sections

.vmp0
Size: 100KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE