678cbc8c1c41af04c354dd61473f0548 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

678cbc8c1c41af04c354dd61473f0548
Size

44KB
MD5

678cbc8c1c41af04c354dd61473f0548
SHA1

eb0b148b7ef51145fbb1f0495a96b0c468c6ae48
SHA256

53e23236bcb064c476f8cc2d9cdfd190c36e9504f83086703eb38af1c0f81f5e
SHA512

1ddda8b39efdd8bfa5d74f21e84554241ac6c66d12df66b294b1105630420035a241429a2f6520f1bcf2291b74006b6e9201b0a7209ee11ab4119f68a8d40566
SSDEEP

768:UMd4imeRglLxX8FaCUqQtMkcIGjb/ZQNdGDTVfjsctab:UlTug/X8FaCaKaG//ZaGD5IHb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
678cbc8c1c41af04c354dd61473f0548

Files

678cbc8c1c41af04c354dd61473f0548
.exe windows:4 windows x86 arch:x86

bd227ba966c127e93fe82f25f211eaca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 21KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 956B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ