794f65725c9bfaee5d46c6b736ae49d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

794f65725c9bfaee5d46c6b736ae49d2
Size

313KB
MD5

794f65725c9bfaee5d46c6b736ae49d2
SHA1

1976582b32557292fd12b462aafbb60dbe1e9967
SHA256

e7468854e7f3cc13a3cb3a28c575482ef5e2ee8bd99cc55972d9dee8c25837cf
SHA512

199ee6dd1eae6b3d02993b0e21993b4f32ef955d1bbc9a8f12c20bb17df7167157b93ce4a6d46c53bdf639a79fca3844e754ed2687faa8e5fcd0a43f31e6b70b
SSDEEP

6144:I5K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:kK/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
794f65725c9bfaee5d46c6b736ae49d2

Files

794f65725c9bfaee5d46c6b736ae49d2
.exe windows:4 windows x86 arch:x86

38484e373f2ea1410969843b669f3a73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetProfileStringA
VirtualAlloc
EnterCriticalSection
GlobalFlags
GetTapeStatus
ExitProcess
GlobalCompact
GetCommState
ClearCommBreak
GlobalFree
CloseHandle
CreateJobSet
GetUserDefaultLangID
GetOEMCP
CreateHardLinkA
FindAtomA
FormatMessageA
GetModuleHandleA
GetStdHandle
GlobalLock

user32

GetActiveWindow
GetClassNameA
GetForegroundWindow
GetFocus
GetWindow
CloseWindow
DrawEdge
ShowWindow
EndPaint
GetWindowTextA
RegisterClassA
GetClassInfoExA
GetDC
ReleaseDC
IsIconic
ValidateRect
GetWindowTextLengthA
GetParent
BeginPaint

wsock32

WSAAsyncSelect
WSAGetLastError
WSACleanup
WSAIsBlocking
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ