Static task
static1
Behavioral task
behavioral1
Sample
15ff78833e82a807832888b36f92adce.exe
Resource
win7-20231129-en
General
Target
15ff78833e82a807832888b36f92adce
Size
295KB
MD5
15ff78833e82a807832888b36f92adce
SHA1
22e5b6908cbef2aea93d9082cd3019c58c2bbfca
SHA256
b7f9b52adb5608993ac5e4767e6d524a7fca53286671774be15a9bddbe26c201
SHA512
3afdb215f65ce429360442e4e45f2394725aa04e1e518ddaf472d7bb4379511cca605945d5ec89a4aac1d139c90e1346fb83c8c1f7fd8641e62701b32833778f
SSDEEP
6144:bU867gbI4HbQDQdoAfxRH7JmOD6Ta6wuxGigJ5ObvMmOsvPTbZ:bHs4H4UzfxRVmOIa+xBgJ50v39
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 15ff78833e82a807832888b36f92adce
Files
15ff78833e82a807832888b36f92adce.exe windows:4 windows x86 arch:x86
0e36c7bbaa4b3687f6def0e66728b033
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameW
GetConsoleOutputCP
GetLocaleInfoA
GetDateFormatA
GetOEMCP
VirtualAlloc
GetTimeFormatA
TlsGetValue
HeapSize
SetStdHandle
TlsSetValue
RtlUnwind
EnumResourceNamesA
IsValidCodePage
SetFilePointer
FindResourceA
GetCPInfo
TlsAlloc
GetACP
MultiByteToWideChar
HeapReAlloc
WriteConsoleA
RaiseException
shell32
SHGetDataFromIDListW
DragAcceptFiles
SHBrowseForFolderW
SHGetFileInfoW
SHGetMalloc
SHGetDesktopFolder
SHGetPathFromIDListW
ShellExecuteW
SHGetSpecialFolderLocation
SHAppBarMessage
ShellExecuteExW
Shell_NotifyIconW
occache
FindControlClose
Sections
.text Size: 141KB - Virtual size: 264KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 151KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ