0766c9376acb16c3ead2d8f82d87563a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0766c9376acb16c3ead2d8f82d87563a
Size

157KB
MD5

0766c9376acb16c3ead2d8f82d87563a
SHA1

a9b405c2681b262a09ebee57151eabc750cdc081
SHA256

8d7327acdfa8dfb0b2e53c18eed16340755a03c431049f8217400a47b7bc5a19
SHA512

5b8f10363ce557724b77c5a75c1f260cefc28ff91637d910c8368caee09a42ead5ff6e71a67a21f966bbd0d63d2ae7c12913687e0b7fcb5e196bf160b8e5c5fe
SSDEEP

3072:Bn1l12ArTCcoRcVF7O1A1Q1VMqsdY0x8vfSGQePbA266kYWH:BnvPrWco2VFSb1hsfbeDp4Yy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0766c9376acb16c3ead2d8f82d87563a

Files

0766c9376acb16c3ead2d8f82d87563a
.exe windows:4 windows x86 arch:x86

babeddccbc9ead6ddfae9cfae305ee17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
InterlockedExchange
WaitForMultipleObjects
GetConsoleCP
SuspendThread
GetModuleHandleA
GlobalUnlock
CloseHandle
lstrlenA
GetSystemDefaultLangID
GetStdHandle
GetVersion
GetAtomNameA
HeapReAlloc
CompareFileTime
VirtualProtect
GetTickCount
GetCommandLineA
SetConsoleCP
LoadLibraryExA
WaitForSingleObject

user32

IsDialogMessage
GetKeyState
FindWindowA
GetDlgItem
CreateIcon
InvertRect
FillRect
SetScrollInfo
SetPropA
DestroyMenu
CopyImage
DialogBoxParamA
EnableScrollBar
SetWindowPos
CreateMenu
GetKeyboardLayout
GetCursorInfo
DrawCaption
DispatchMessageA
DragObject
InsertMenuA

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryInfoKeyA
RegCreateKeyExA
RegCloseKey

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ