078783d6fd6b2b166f7b92dcb5d04623 | Triage

Sharing

General

Target

078783d6fd6b2b166f7b92dcb5d04623
Size

156KB
MD5

078783d6fd6b2b166f7b92dcb5d04623
SHA1

e71e9257dd3b6f4019a8abdeedcaf803fc528f71
SHA256

3a7302efdb5de0331c4f81d5dc42b5bc32bd4ebe0594b84110b86665e86cbdc8
SHA512

13f3d7e482b4c69b54d05c2da92c73cd2032b9bd1bb454bf80c52868d11b1d04f583ff159b5dd9c4296763f463b048c117a42fdc7fd588675f36daccf6cf2fab
SSDEEP

3072:b3Sj5cB6MxknJlz78AC7OJv1UJkQtSzEz2RUf9oUD+JDqoroEbAjRYXnL:rSexk3NU6lAz2RoyJVSjRYXL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
078783d6fd6b2b166f7b92dcb5d04623

Files

078783d6fd6b2b166f7b92dcb5d04623
.dll windows:4 windows x86 arch:x86

bd66a30531b4efaa6bf62d4ce6d555ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
TerminateProcess
lstrlenA
HeapDestroy
GetCurrentProcess
GetLastError
GetCurrentThreadId
MultiByteToWideChar
DisableThreadLibraryCalls
UnhandledExceptionFilter
LocalFree
LeaveCriticalSection

ole32

CoCreateInstance
CoTaskMemFree
StringFromCLSID

advapi32

RegCloseKey
IsValidAcl

msvcrt

wcschr
fwprintf
malloc
free
wcsrchr
fclose
wcslen

Exports

Exports

vcor

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 698B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ