7c50e0e1f40dd4288761e168b955b75d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c50e0e1f40dd4288761e168b955b75d
Size

244KB
MD5

7c50e0e1f40dd4288761e168b955b75d
SHA1

a4b6c4bb36f2036f7160f905a7f5c1f0252a00a9
SHA256

d48f6b91b0e9dcf272d6170ce0076ad210246f736266f62cabc44e92ecd31adc
SHA512

15ec00d1312e05f32371f1168676b484ba5420e99a05583214c02516be8216b9b7fcdd85aa66d09a052e92de834e898c185c69ee271905a488afe2a1c70ac427
SSDEEP

3072:a7EtVHGdU08zgKfc9lVYyo369PDmmC6q4MPwKJ+J9pZVCnGWFrJZ5Az6sbbTV/zx:uETsUNzgLD86BZC6EpCcRrJZ5qnz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c50e0e1f40dd4288761e168b955b75d

Files

7c50e0e1f40dd4288761e168b955b75d
.exe windows:4 windows x86 arch:x86

f83102ca921762b46497fd08c7fdef94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetSystemDefaultLangID
GetCommandLineA
GetCurrentThread
TlsFree
TlsSetValue
FreeLibrary
lstrcatA
TlsAlloc
lstrcmpA
GetCurrentThreadId
GetModuleFileNameA
GetLogicalDrives
GetCurrentProcessId
GetDriveTypeW
GetSystemDefaultLCID
GetModuleHandleW
VirtualAlloc
GetCurrentProcess
TlsGetValue
IsDBCSLeadByte

user32

ShowWindow
GetWindow
UpdateWindow
IsIconic
GetFocus
GetWindowDC
GetWindowTextA
GetDC
ReleaseDC
GetWindowTextLengthA
IsWindowVisible
CreateWindowExA
GetWindowLongA
GetForegroundWindow
BeginPaint
GetActiveWindow
RegisterClassA
GetSystemMetrics
GetClassLongA

shell32

StrChrIA
StrRChrIA
StrChrA
StrCmpNA
StrRChrA
StrCmpNIA

msctf

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
TF_GetThreadFlags

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ