078e476a111f87036e9121927dcd2a51 | Triage

Sharing

General

Target

078e476a111f87036e9121927dcd2a51
Size

172KB
MD5

078e476a111f87036e9121927dcd2a51
SHA1

438dd9f1366241bc29afbf6234bb9860b7b12007
SHA256

3e41adfa499cac42458f43993966600ee02136e2af58471a4d3e7b9012a621ff
SHA512

7e94d8b93fa70626990e991878adc06dfd281e3b23a0b51b7e6bbf5a283cb024764740276c95aaafa720e3e91008d50f9cfacbb59b7aaf1daef0b88bebc041fb
SSDEEP

3072:29RviEbK5bYibpT0IPLQyf/qNCsBRptzTLjhf+MqbLZ/gXDY:4/bKKibp1PLQyfLwRpFnj1oLpg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
078e476a111f87036e9121927dcd2a51

Files

078e476a111f87036e9121927dcd2a51
.exe windows:4 windows x86 arch:x86

25261c3799f8a62ca75a7088e5e1e087

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandW
sndPlaySoundW

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathAddBackslashW

kernel32

InterlockedDecrement
GlobalAddAtomW
FlushFileBuffers
UnmapViewOfFile
GetTempPathW
GetEnvironmentVariableW
CreateFileMappingA
SetLastError
GetLastError
GetConsoleMode
LoadLibraryExW
GetVersionExW
GetProcAddress
GetModuleHandleA
CreateFileA
InterlockedIncrement
TlsGetValue
TlsFree
EnumResourceNamesA
MapViewOfFile
VerLanguageNameA
GetProcessHeap
TlsSetValue
TlsAlloc
GetModuleHandleW
HeapFree
CreateFileW
WriteConsoleW
ExitProcess
GetVersionExA
HeapAlloc
GetConsoleCP
Sleep

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ