74fc8e0c0157a88d79dd8e00810bdcfb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74fc8e0c0157a88d79dd8e00810bdcfb
Size

330KB
MD5

74fc8e0c0157a88d79dd8e00810bdcfb
SHA1

68a06aaed606b79784ec61e0f521734ee82c3201
SHA256

9d390f665c962343e2336bff689034e9a195f4265a1bda68154140e7fd5208bc
SHA512

4c5ebe7c4e8105329a666973e75dd591aac6ba9d16cbd2f826a6c5605d904b701db6fb6f923e65cab26e4dc8de5a1e8b5a8b31f3047436e1d6668e88dfecde5e
SSDEEP

6144:aNaGCcAuO5Qt+Qg3Vu6k1vsZuIocTlrnh:aNalcN5g3VuZ10uIocTlrnh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74fc8e0c0157a88d79dd8e00810bdcfb

Files

74fc8e0c0157a88d79dd8e00810bdcfb
.exe windows:5 windows x86 arch:x86

e7c6f78b5a7e84e1ef2ee55df996905e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

version

VerQueryValueW

user32

CharNextW

oleaut32

VariantCopy

netapi32

NetWkstaGetInfo

advapi32

RegCloseKey

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.MPRESS1
Size: 223KB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE