0781e484c7db563928dcb81a09adc38c | Triage

Sharing

General

Target

0781e484c7db563928dcb81a09adc38c
Size

62KB
MD5

0781e484c7db563928dcb81a09adc38c
SHA1

ab76372132dc2fcc2571180ee023a8036c584c16
SHA256

b290b359e54c7eff45646f811b44db48f3f6ed93ce7947c0509e27a82ff614e8
SHA512

24a8f8c1977a3211e684fe5450d2322ff4f1d6e1490df6e1755b30f9818cac5caf99a28e3c416d4669d3a8aae44b298da4a05ddfed3fb96ca7052e7a7b40acaf
SSDEEP

1536:hrIIrcrHbjFPdBXr3nqV1rvqRIlNwx0JjlGUZ:hrLIvFDCJKj0JjlGUZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0781e484c7db563928dcb81a09adc38c

Files

0781e484c7db563928dcb81a09adc38c
.exe windows:4 windows x86 arch:x86

75d17e01d56b5966e349a7b5b8c0174c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
VirtualAlloc
VirtualProtect
GetSystemTimeAsFileTime
CloseHandle
GetTimeZoneInformation
MulDiv
UnmapViewOfFile
GetModuleHandleA
LeaveCriticalSection
ReleaseMutex
SetFileTime
EnterCriticalSection
CreateThread
FindFirstFileW
TryEnterCriticalSection
CreateFileA

shlwapi

wvnsprintfW
SHDeleteKeyA
PathFindFileNameW
PathRemoveFileSpecW
PathMatchSpecW
StrCmpNIW
PathFileExistsW
PathCombineW
wnsprintfW
StrCmpNIA
StrStrW
wvnsprintfA

advapi32

RegSetValueExA
CryptCreateHash
CryptAcquireContextW
RegCreateKeyExA
CryptHashData
RegEnumKeyExA
RegQueryValueExA
RegDeleteValueA
CryptGetHashParam
CryptDestroyHash
RegCloseKey

user32

PeekMessageA
CloseDesktop
SetProcessWindowStation
OpenDesktopA
FindWindowExA
GetWindowTextA
EndDialog
GetKeyboardState
GetCursorPos
DispatchMessageA
MsgWaitForMultipleObjects
ExitWindowsEx
GetDlgItemTextA
SetThreadDesktop

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE