076ebe411da6ad7bd5b26f51f74a7675 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

076ebe411da6ad7bd5b26f51f74a7675
Size

370KB
MD5

076ebe411da6ad7bd5b26f51f74a7675
SHA1

6c9d45ec9602a446e2987a022c1b6a40cb4c6005
SHA256

e74fe0a48cb7b35905bbeace00f6490bef7c7efb3552d78d476293c93233bcf2
SHA512

12731f0ebc76b2ee155c7da16be47a8d546361f23b0c360757bfa7c3973883c7171e2ee75227abd2aa76829d0c9d96da3e20a2b6dd112a725834ddc09fbf8bba
SSDEEP

6144:zOdx2KfTQUvsevPxXJ2ggbvnjz4KxlDfX9flebmE9uDMnyQY7wNOqRdusIQRlHFL:y9QUvHvPx5grnjz4ClDfXNdEMkyQY78r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
076ebe411da6ad7bd5b26f51f74a7675

Files

076ebe411da6ad7bd5b26f51f74a7675
.exe windows:4 windows x86 arch:x86

e4878aa1b1d4c1520e76e0c12f4d48ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntA
GetModuleHandleA
lstrlenA
GetAtomNameA
VirtualProtect
GetACP
GetVersion
CompareFileTime
GetTickCount
GetStdHandle
CloseHandle
HeapWalk
LoadLibraryA
WaitForSingleObject
HeapReAlloc
InterlockedExchange
TlsGetValue
TlsFree
GetConsoleCP
GlobalUnlock
FindAtomA

user32

GetWindowTextA
GetSubMenu
EqualRect
EnableScrollBar
MessageBoxA
SubtractRect
LoadIconA
DialogBoxParamA
GetScrollRange
GetMenu
InflateRect
SetWindowPos
CopyRect
InsertMenuA
DestroyMenu
PaintDesktop
SetPropA
CreateCaret
GetDlgItem
PostQuitMessage
DispatchMessageA
ShowWindow
TranslateMessage
ModifyMenuA
UpdateWindow
GetKeyboardLayout
PostMessageA
GetMenuStringA

msi

MsiEnumProductsA
MsiEnumClientsA
MsiCloseHandle
MsiDoActionA
MsiGetMode

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ