79872109c43f1b6c429bc27fa1fa2a5a | Triage

Sharing

General

Target

79872109c43f1b6c429bc27fa1fa2a5a
Size

781KB
MD5

79872109c43f1b6c429bc27fa1fa2a5a
SHA1

c2a80a470c5232db2bbbb1489f7d99bb953327a7
SHA256

047d7bfbbead2ca674832641f9375534e4bfb7dc7426a1a62a8c177eb1b6a232
SHA512

b8206964cec69c535f1a5ba3a071f71ed0c446da6af49d95358fee89595c5090181fbaec16436a32103681497ac7b77a4c082c8b8220f94b351564e5523ba56f
SSDEEP

12288:S7psU/7iBRIqFqH6ZFL8pBIOcf7txNR84oyayn5BGrb+xKCEZgofCUV4t:S7d/7wIEeovn84o7yjGrrCSZCRt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79872109c43f1b6c429bc27fa1fa2a5a

Files

79872109c43f1b6c429bc27fa1fa2a5a
.exe windows:4 windows x86 arch:x86

701f0f3a319b059786ef71b03a67a954

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

UpdateWindow

advapi32

RegOpenKeyExA

shell32

SHGetIconOverlayIndexA

mscoree

_CorExeMain

comctl32

ImageList_Create

Sections

Size: - Virtual size: 528KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE