0781d8a532e683d898f7dfe43aebe4c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0781d8a532e683d898f7dfe43aebe4c3
Size

198KB
MD5

0781d8a532e683d898f7dfe43aebe4c3
SHA1

615650ed6a32892726b6a266fde9546997100d29
SHA256

8da4f9911251814b6d6659ba5a1c172314125b3719b62713b8bf74a51aae0912
SHA512

552f02cbeec5e731972ae694693488fa954110838d0cf26068dd55fa6e8dcffc6af15600bcc40d8199e9f6b8c390de3fbf968959514ca113e7e067fe7df58c43
SSDEEP

3072:0LPunFgYt8o86Tb5RlVGW96R2SWrlLQ6qR90WTKLtS:0SPtt86Tb5RX7AR2SWrHqR90WMg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0781d8a532e683d898f7dfe43aebe4c3

Files

0781d8a532e683d898f7dfe43aebe4c3
.exe windows:4 windows x86 arch:x86

6c2cdb42bc8b5c8852889a7a1965c281

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageA
PostThreadMessageA
MessageBoxA
DispatchMessageA
LoadStringA

kernel32

FreeResource
LockResource
GetProcessHeap
HeapReAlloc
GetCommandLineW
GetModuleHandleA
lstrcatA
FormatMessageA
lstrcpyA
LocalAlloc
LocalFree
WideCharToMultiByte
CloseHandle
lstrlenW
HeapAlloc
GetCurrentThreadId
CreateThread
WaitForSingleObject
LoadResource
SizeofResource
FindResourceA
GetLastError
ExitProcess

ole32

CoGetClassObject
CoUninitialize
CoInitialize

oleaut32

SysStringLen

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 195KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ