476d5db0e43e46c9b797e25200561ec2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

476d5db0e43e46c9b797e25200561ec2
Size

245KB
MD5

476d5db0e43e46c9b797e25200561ec2
SHA1

f6f7b83f7361f710983bdc6d3dda4329067d7e00
SHA256

e3cf1f44c404fa1f31d46047acf3e714df85c2a85d5dfae8c7cffe303c8284cd
SHA512

75f17fc1d7b175517b5e3b38901e643223ad90b2aeede738e81de75947a8ab9389f12b5276d188efd6560bbcbea062c2d03e685e73c47242168da74dabc23ff8
SSDEEP

3072:7XAi4TZ7kIlhbsLGZXqsfd0w1WJ3TnDaBsny9Erl+ioXFAsAcv2:7XAiUrL42qM10Pauntoio1Ay

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
476d5db0e43e46c9b797e25200561ec2

Files

476d5db0e43e46c9b797e25200561ec2
.exe windows:4 windows x86 arch:x86

30a461807e37e92f6863005e57a014fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
GetForegroundWindow
CharNextA
GetWindowDC
GetFocus
GetKeyNameTextA
GetKeyboardLayout

kernel32

GlobalAlloc
IsBadReadPtr
LoadLibraryA
lstrlenW
GetCommandLineW
VirtualAllocEx
GetModuleHandleW
LocalAlloc

Exports

Exports

_RRI@4

Sections

CODE
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sjdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fgdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.esdata
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ