79bbd0b9e1387bc07e1cfe7f9b216b1f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79bbd0b9e1387bc07e1cfe7f9b216b1f
Size

328KB
MD5

79bbd0b9e1387bc07e1cfe7f9b216b1f
SHA1

6aaf1358b165ce299b3dc2491487b3958e406c4b
SHA256

30e14041c8b7bd51f3eb028da3d73cad7e8699b68fef22896cf2c095b75ede5b
SHA512

868ba40e7476cdcc300b0c784e852256c2be968cc88f7a2104b06872cd3630112c3c82fc892e1fabf2ee418c7003689ad0e2894a88cd9f533501679a45538d66
SSDEEP

6144:5AK8PwjNi1eM3OcQ7C5ytkvG6hQOAtEiWSbj8Tg9tyE7ejCd4agrzq:K9Y5ioSsC5+BIK4Tg9EEigRX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79bbd0b9e1387bc07e1cfe7f9b216b1f

Files

79bbd0b9e1387bc07e1cfe7f9b216b1f
.exe windows:4 windows x86 arch:x86

f667093dae034284d3f439b242816979

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
LocalUnlock
UnmapViewOfFile
LoadLibraryW
CreateThread
GetComputerNameA
CreateFileA
GetCommandLineW
PulseEvent
GetSystemTime
SetLastError
CloseHandle
HeapCreate
LocalFree
GetCurrentDirectoryA
lstrlenA
GetConsoleTitleA
SetEvent
GetModuleHandleA
Sleep

user32

FillRect
DrawMenuBar
CreateWindowExA
GetDC
SetFocus
GetKeyState
DrawEdge
IsWindow
DispatchMessageA
GetDlgItem
GetScrollBarInfo
CheckRadioButton
CallWindowProcA

clbcatq

CheckMemoryGates
UpdateFromAppChange
SetSetupOpen
DowngradeAPL
SetupOpen

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ