768ba1fa97bce48402298a4ebd0d8a86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

768ba1fa97bce48402298a4ebd0d8a86
Size

32KB
MD5

768ba1fa97bce48402298a4ebd0d8a86
SHA1

f922280fd39e4fcad3a2e1f9fa8f062e01443353
SHA256

47d0ac7351aebbe5030d275c9960343ad0f784d781427da664b68fe4273b4576
SHA512

ac764c55790dfb58c6046f8f1b5f5299eaf2b21d94a6f8c1256116e7ef29c429cd7e6f1822f9b65d9e534a9a67637dc938121cea2b8274be2bd31c8499dbb627
SSDEEP

768:dSEgtw9wO6Ua/7omHuG1yBbrhHLg03nQPCNPZ7Y:cEgtwaO6zTFuiCPhHL5QPoP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
768ba1fa97bce48402298a4ebd0d8a86

Files

768ba1fa97bce48402298a4ebd0d8a86
.exe windows:4 windows x86 arch:x86

d53c15e5b92b37a791d051e037fbaa80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStartupInfoA
GetLocaleInfoW

msvcrt

_controlfp
ungetc
_wfindfirst64
_findnexti64
fwrite
_wpgmptr
__getmainargs
atol
_mbsnbcmp
strcoll
_getmbcp
_adj_fdiv_m32
_ismbcdigit
_chsize
memcpy
getenv
_rotl
isalpha
_XcptFilter
wcsncat
_getws
isxdigit
_mbctolower
_lfind
_initterm
__set_app_type
memmove
_stricoll
_ismbbkpunct
__setusermatherr
isalnum
_ismbbpunct
iswupper
_lrotr
strcmp
_wcsrev
__p__fmode
_wfindfirsti64
_exit
_mbscat
__p__commode
isupper
_mbsupr
_mkdir
_lseeki64
_mbsncmp
_except_handler3
isleadbyte
wcsncmp
_getwch
_c_exit
_wexecvp
_memicmp
ceil
_acmdln
_ftol
_msize
_adjust_fdiv
exit
_waccess
_adj_fdivr_m32
_heapmin
_fstati64
wcsftime

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ