78c7332f8d3847335d76ca7d09a6f8dc | Triage

Sharing

General

Target

78c7332f8d3847335d76ca7d09a6f8dc
Size

786KB
MD5

78c7332f8d3847335d76ca7d09a6f8dc
SHA1

da229e6728d062e529bb9c701948cb707b771064
SHA256

c61d5bcf75c634cc0d19cc7fbb8157aab82ad29be1e5870f83a77a895ff61100
SHA512

751a4b6846f83d21c489019abdaddaf3e9b5aa266150da09dc2b6fed77e77ae78f7183e4e0a44f7169c7a665fc88053e351a2def1119c9aaeec5180821fdc377
SSDEEP

24576:1/F+GDpaDGO7WQHl4bDFQ0KqeukLiKrKp:1jDMDV7fepQ6kLbGp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78c7332f8d3847335d76ca7d09a6f8dc

Files

78c7332f8d3847335d76ca7d09a6f8dc
.exe windows:1 windows x86 arch:x86

944c9d2fd740943556ee8360d4267e97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClipCursor
CreateIcon
DdeNameService
EqualRect
FillRect
FindWindowExA
GetKeyboardLayout
InvalidateRect
IsCharUpperA
IsZoomed
PeekMessageA
PostQuitMessage
ShowCaret
TrackMouseEvent

kernel32

AllocConsole
BackupSeek
CancelIo
CopyFileA
CreateEventA
CreateFileA
DeleteFileA
FoldStringA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetFileAttributesA
GetLogicalDrives
GetModuleHandleA
GetProcAddress
GetThreadTimes
GetVersion
GetVolumeInformationA
HeapFree
IsBadStringPtrA
IsDebuggerPresent
LocalAlloc
MoveFileA
OpenFile
Sleep
TlsFree
VirtualAlloc
lstrcatA
lstrcpynA

gdi32

AnimatePalette
DeleteObject
EndDoc
FrameRgn
GetDeviceCaps
MoveToEx
PolylineTo
SetBkMode
SetTextColor
StartDocA

Sections

.text
Size: 512B - Virtual size: 241B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.aspr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ