78b917744c314795213b9c2aaa83e402 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78b917744c314795213b9c2aaa83e402
Size

20KB
MD5

78b917744c314795213b9c2aaa83e402
SHA1

277da15aeeb3d6a07df9a79dfeb4663b069c6cf8
SHA256

8e319eb4d5838c4ba9b5be805ff06e90ed0a2f985c280d0aa6afb3033d65559a
SHA512

ebaa1cc89bbea78a1ff7a76566af45ea9d3d8b9c469bde1a75bed16ec2a9a40e632192e7495bc17fb4206abf867ef692b4789e32d433f4481ca6cd6151c24273
SSDEEP

192:qsK8G0MnwBkS6DmmAKc/7ycMKtWRLQVQI0:Mhy8/9c/NMOWhQ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78b917744c314795213b9c2aaa83e402

Files

78b917744c314795213b9c2aaa83e402
.exe windows:4 windows x86 arch:x86

8e2fe3aba420baa13b76e5f0c0780ded

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
WaitForSingleObject
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapFree
IsBadReadPtr
GetTempFileNameA
GetTempPathA
DeleteFileA
GetModuleFileNameA
CloseHandle
ReadFile
GetFileSize
CreateFileA
WriteFile
SetFileAttributesA
GetEnvironmentVariableA

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 614B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE