0758e724efc3b8c83f8bcc689f61588b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0758e724efc3b8c83f8bcc689f61588b
Size

448KB
MD5

0758e724efc3b8c83f8bcc689f61588b
SHA1

6b4e77e421ebf2e0093a74495fdd126823930d4f
SHA256

7b90f023cd85d557a7786cbbba8650299f45c88fa5473394d3746dc4b8b06274
SHA512

fa3cd27fc74a4b27666a391df28ba9323c01cd660519f130ebfb6c0302cd5fcb655c8f17528054b26963f0ae54017b92d3d8aa8283b4abd7685325672621876a
SSDEEP

6144:LO0VwBRjG6bAG7o5jo0FKoVDmWVTSumSOeOI1+BiA4w4JsaYEasGHytD46vb:LOuekq03EaTJOeOI4iAP4JsaCnylvb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0758e724efc3b8c83f8bcc689f61588b

Files

0758e724efc3b8c83f8bcc689f61588b
.exe windows:4 windows x86 arch:x86

121654e7eabad34ae5a8162936b75fcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LockResource
CloseHandle
LoadLibraryExA
GlobalUnlock
RaiseException
Sleep
HeapCreate
SetConsoleCP
GetStdHandle
GlobalDeleteAtom
GlobalAddAtomA
GetLocaleInfoA
GetLastError
FoldStringA
GlobalFree
InterlockedExchange
VirtualProtect
GetACP
GetDriveTypeA
SetErrorMode

user32

ClipCursor
SetForegroundWindow
ReleaseDC
EndPaint
ShowWindow
GetParent
GetWindow
GetWindowTextA
GetMenuItemInfoA
DrawEdge
GetActiveWindow
BeginPaint
ValidateRect
GetClassNameA
IsIconic
DrawTextA
GetFocus
CharToOemA
GetCursorPos

version

GetFileVersionInfoSizeA
VerLanguageNameA
VerQueryValueA
GetFileVersionInfoA
VerFindFileA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ