0772545fef81930a8b0d43dcf435c217 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0772545fef81930a8b0d43dcf435c217
Size

48KB
MD5

0772545fef81930a8b0d43dcf435c217
SHA1

6572ee1a00834ead1ee5209fbab8d26ebe3c0747
SHA256

5ad3acee8fa66787c0a88a3022c909967b7d84f8c389a78113ad7bcb9b8a4c9f
SHA512

da0519b507870c9ebf06810b895ceba7f36cf4263b1f61dbd302e9047cb53ecb6a29626f0e7eda8027e46e6f8cccf73c61e73ff8b90f2c525464afd579a2c44a
SSDEEP

768:C9nQ6psALVSdydEVSM4SGSCh2jvq+tu9w0raMlxKdtgfLoj53T1Z6E8:C9iAH34GSCMjS+craMXKXgfLojNT1Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0772545fef81930a8b0d43dcf435c217

Files

0772545fef81930a8b0d43dcf435c217
.exe windows:5 windows x86 arch:x86

5f9502372dd0b8dc89187e15d90c0b67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

kernel32

lstrcatW

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
SHDeleteKeyA
StrCmpNIW
StrStrW

user32

CharLowerBuffA
DrawIcon
ExitWindowsEx
FindWindowExA
GetClassNameA
GetClipboardData
GetKeyState
GetWindowThreadProcessId
LoadCursorA
MsgWaitForMultipleObjects
PeekMessageA
SetThreadDesktop

Sections

.qnuzuz
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yfebov
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rur
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ