784500d587e82e123e281ce738d6687f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

784500d587e82e123e281ce738d6687f
Size

283KB
MD5

784500d587e82e123e281ce738d6687f
SHA1

1951a71485780c2344a70fc9318ee4d48058d6bf
SHA256

eafc480120503ccdfaf560036ac99939a9e2a8bcda76d6db1764ae2564603e58
SHA512

f4769723dcfad1028d5061c6a05bc10a9d2926c67748d9836ac821eb2fa7f27f0e34ae7cfc32d0db0fb516a0daed14fe0c8e82858b3973e62f797f5c10570612
SSDEEP

6144:0FrxDcdyy3DwJhlIezgv4ZPfB7mwKhRo5Ag2:8DCDwmez2eB7mZvoag2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
784500d587e82e123e281ce738d6687f

Files

784500d587e82e123e281ce738d6687f
.exe windows:4 windows x86 arch:x86

d57c3f12d921f8e18aa88a8e0230811d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
CompareStringA
CreatePipe
TlsGetValue
GetOEMCP
GetShortPathNameA
GetExitCodeThread
GetThreadLocale
GetLargestConsoleWindowSize
VirtualAlloc
CreateMutexA
TlsFree
CancelWaitableTimer
GetConsoleCP
GetThreadTimes
AddAtomA
GetThreadPriority
GetModuleHandleA
GetUserDefaultLangID
SetEvent
ReleaseMutex

user32

GetSystemMetrics
InvalidateRect
GetClassInfoExA
GetActiveWindow
GetDC
GetWindowTextLengthA
ValidateRect
GetForegroundWindow
GetFocus
RegisterClassA
GetWindow
ReleaseDC
IsIconic
ShowWindow
ReleaseDC
CloseWindow
GetClassNameA
GetWindowTextA
IsWindowVisible

shell32

SHGetFileInfoA
SHGetFolderPathA
SHBrowseForFolderA
SHChangeNotify
SHCreateShellItem

secur32

AddCredentialsA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 876KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ