747aa37bb313a6dfc7e8d4daff6ac3626c2e9f5ce32c2179555ff4f4c3526777 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

747aa37bb313a6dfc7e8d4daff6ac3626c2e9f5ce32c2179555ff4f4c3526777
Size

1018KB
MD5

d955d5f3eb6d3cace22d94aea6ee815f
SHA1

15a6e2bfa0699b34058bc0c6592baba6726aad10
SHA256

747aa37bb313a6dfc7e8d4daff6ac3626c2e9f5ce32c2179555ff4f4c3526777
SHA512

4a6495546ed148b3fd6140c6d4649f0493827ca0ba8bebf4de58e05c6bdf0068f951b6956aea80555029b3e571062300004efa2f87fd9cc0a7a3b935d6777aab
SSDEEP

24576:0bi6iNjX7iDYmOyMACvao4TFz0LJpRE/XmE/XmE/XmE/XmE/XmE/XmE/XmE/XmET:3zRm7Z40

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
747aa37bb313a6dfc7e8d4daff6ac3626c2e9f5ce32c2179555ff4f4c3526777

Files

747aa37bb313a6dfc7e8d4daff6ac3626c2e9f5ce32c2179555ff4f4c3526777
.exe windows:6 windows x64 arch:x64

e7af0b5af5232d05ccfa59f613c76952

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

rpcrt4

RpcServerInqBindings

kernel32

SetCriticalSectionSpinCount
GetLastError
HeapAlloc
HeapFree
MultiByteToWideChar
GetProcessHeap

user32

IsWindowVisible
GetWindowContextHelpId
MessageBoxA
GetWindowLongPtrW
GetClassLongPtrW
CloseGestureInfoHandle
RegisterClassA
RegisterClassW

shell32

SHGetFolderPathW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 932KB - Virtual size: 931KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ