7900279b8b1d383fcb476db0b0e368d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7900279b8b1d383fcb476db0b0e368d5
Size

183KB
MD5

7900279b8b1d383fcb476db0b0e368d5
SHA1

02f3649bd30bb79972eb4ae53be86afd1a990b02
SHA256

29bbd994b61f197aac5214bc0660ec867cb2375aaa9ef007227d62da1070f8be
SHA512

cdb35b06f719ca440a9acbbed3024e404da64598670fc114f52c72b87f4115c302f7a50c3c7164625b0fc1c7e404a608ad60f9c4a4d6013502314cfc244e4f6a
SSDEEP

3072:CGXB8aEfHZoKUXSmCd14MWGpAVc3tSjsGLpnTDmNW5YFErRrRWQJHDcRFCh+Rz79:XBtpDu4MjRtSwmpnuNWzdrNJHYRFCh+z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7900279b8b1d383fcb476db0b0e368d5

Files

7900279b8b1d383fcb476db0b0e368d5
.exe windows:5 windows x86 arch:x86

34989993837d51a41b3e115664b2a9f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcschr
_controlfp
system
free
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
fgets
_XcptFilter
_exit
_cexit
wcsrchr
__setusermatherr
strpbrk
__getmainargs

kernel32

WriteFile
IsDBCSLeadByteEx
CreateFileW
SetFileAttributesA
HeapWalk
lstrcpynA
FileTimeToDosDateTime
GetFileTime
SetHandleCount
SetupComm
GetShortPathNameA
GetBinaryTypeW

Exports

Exports

_RegisterDeviceNotificationARegisterDeviceNotificationA@0
_RegisterDeviceNotification_A@0

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ