f81e89afe81ecd9741fa140074a8a104 | Triage

Sharing

General

Target

f81e89afe81ecd9741fa140074a8a104
Size

480KB
MD5

f81e89afe81ecd9741fa140074a8a104
SHA1

b7af8782f485710b52fa24d6cb8aa54453aef3eb
SHA256

5c5fcb22cd488d4fa2d9a14c0d8b2143293def97037c64c2a961ed60862f9861
SHA512

4e9cebc1fc7db011ed13bef5060fbd3111cd81aa8b94f2ff63d24414e589a9b49e978606b6088bfe711d6b456ee1c2437cfcb19d783bd98fc6ec636c27babaf1
SSDEEP

6144:2F9LY3kgPW6pKCRhv3WXknJqqM36SGlw6o5DHNpDmGDpHn+mMMFvw/OJDw:2F9L1i9hvWXx36TTSDpHrvI/KDw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f81e89afe81ecd9741fa140074a8a104

Files

f81e89afe81ecd9741fa140074a8a104
.exe windows:4 windows x86 arch:x86

d1ddb53a66d2ef4ddfe8e461f386a6a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarCyFromBool

user32

GetForegroundWindow
GetCursor

kernel32

GetProcessHeap

Sections

.text
Size: 476KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE