078410836a84ac95fae8e408a0e188ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

078410836a84ac95fae8e408a0e188ea
Size

88KB
MD5

078410836a84ac95fae8e408a0e188ea
SHA1

f35f54e2991d4f7811475a336da5d46b2a2d2582
SHA256

4668b60496a5e71d800b1e8228263f9d9ea9ceed638c9c8d82a1b36317df137c
SHA512

113c440c83b48c046d7b13a60ced718ca7ebad33b114bfa831943b6531770d510c67fab28daaff9da144d44210b3572449e29b4bdc0e9100be353418eaa81be9
SSDEEP

1536:LzC+lUFl01sLz35oXXpPmBwgPHakDkyAI90DCxTK+o1w3l:LzCWUFK143SXW9PHsh0vxO/1w3l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
078410836a84ac95fae8e408a0e188ea

Files

078410836a84ac95fae8e408a0e188ea
.exe windows:4 windows x86 arch:x86

ac254391414ed711c4fb03fcff8db0ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceTypesA
IsBadReadPtr
SetLastError
TlsGetValue
GetDiskFreeSpaceExW
GetDriveTypeA
Sleep
VirtualProtect
IsBadCodePtr
GetComputerNameA
ReleaseMutex
DeleteCriticalSection
FindClose
GetCommandLineA
GetLastError
LoadLibraryExA
GetTickCount
CloseHandle
GetModuleHandleA
FreeConsole

shell32

SHGetSettings
SHFree
ShellAboutA
SHGetMalloc
DllUnregisterServer
SHGetDiskFreeSpaceA
ExtractIconA
StrChrA
DuplicateIcon
DragAcceptFiles
DragFinish
DragQueryFileA
ShellMessageBoxA

printui

bFolderGetPrinter
vPrinterPropPages
bPrinterSetup
vQueueCreate
PnPInterface

advapi32

RegCloseKey

Sections

.text
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

krjvhju
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE