76462f802462308779b0791a823f7a23 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76462f802462308779b0791a823f7a23
Size

25KB
MD5

76462f802462308779b0791a823f7a23
SHA1

b99665afc490edc4d2639f0ff41a8e476b8364e0
SHA256

caad87da887e57787152c996e97ef34feec8d4a8bdadb5f1df049d1ae5121348
SHA512

2c4d5ddfbf294e9450e35f15f57f24d9b91be1767ec3255da99c2fec8537cd1dd80a7d894c86329a0935b84a9f4f33d43d0ab9d03447ab5f33aa56e01af061eb
SSDEEP

384:YWUpktETlX6LuyNGxBsL1sqUBdcy4evmbDDTvu9/xm9iwCfdklQtCH:TUCQlYuyN4BsLFaOnOmbDPvMJmAPs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76462f802462308779b0791a823f7a23

Files

76462f802462308779b0791a823f7a23
.exe windows:4 windows x86 arch:x86

a060568405042292895f7e5b238d137a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLinguistLangSize
UTUnRegister
TerminateThread
ProcessIdToSessionId
GetFileAttributesExW
HeapSetInformation
RtlZeroMemory
lstrcmpW
LoadLibraryA
GetConsoleSelectionInfo
SetEnvironmentVariableA
LZCloseFile
SetConsoleCP
LZInit

user32

CsrBroadcastSystemMessageExW
BroadcastSystemMessageA
DdeConnect
CheckMenuRadioItem
GetDCEx
LoadMenuA
UnhookWindowsHook
IsWindowVisible
PrivateSetDbgTag
RegisterDeviceNotificationA
DialogBoxIndirectParamW
TranslateMessage
CallMsgFilterW

Sections

.text
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ