7f0ac445c0b5a66214a96cabb1526f86 | Triage

Sharing

General

Target

7f0ac445c0b5a66214a96cabb1526f86
Size

174KB
MD5

7f0ac445c0b5a66214a96cabb1526f86
SHA1

14a760078a8a8a94e9c0c018a910d04a08c137fb
SHA256

e5097c807efcf6c09b2f26223dcbdb53516dedb40b40305b3a88efb0d63f644d
SHA512

3aad8719f831eeb4175b09434bd2223a88515aa3ff177a9994a243863d168b135e0e469184c40718cb29f7f7de87fd90a20ec156bb359e1d31347a2765976d7a
SSDEEP

3072:C79fIZzTalm7A5Qax8Y/2XUK0o3yje6cceHuVdR4dJ9cz7uNYD17bILf:C7JRQU+YkUpo3yS6cZOt4dJ9cz78YD1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f0ac445c0b5a66214a96cabb1526f86

Files

7f0ac445c0b5a66214a96cabb1526f86
.exe windows:4 windows x86 arch:x86

1ee495b6605d27b8c1320c4f2ef46dc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SystemTimeToFileTime
FindFirstFileW
GetLocalTime
GetStringTypeW
ConvertFiberToThread
GetOEMCP
GetSystemDirectoryW
SetThreadIdealProcessor
FindClose
SetErrorMode
CompareStringA
LocalAlloc
LCMapStringW
EnumResourceNamesW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentProcess
RegisterWaitForSingleObject
FindNextFileW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetShortPathNameW
LocalFree
LoadResource
FileTimeToSystemTime
IsBadReadPtr
FreeLibrary
FindResourceW
SearchPathW

user32

FlashWindow
ReleaseCapture
ValidateRgn
GetCapture
SetCapture
UpdateWindow
ValidateRect
EnableWindow
IsWindow
IsWindowEnabled
InvalidateRgn
RealGetWindowClassA
DestroyWindow
ExcludeUpdateRgn
GetUpdateRgn

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ