26d78f66a61abc5c378fb75f7cac4646 | Triage

Sharing

General

Target

26d78f66a61abc5c378fb75f7cac4646
Size

72KB
MD5

26d78f66a61abc5c378fb75f7cac4646
SHA1

d5d79a9ad66ba5f271473c13a745006591b7e77a
SHA256

432750be56bd3d67b0c3049424921a5153c16fa467f34e0fac9421eddff6eab8
SHA512

1d72f09f5541db9249310e05bf8632cd468cd58f3216c3e00119a486d54b56e0a6150566c51e8fce193fb2ce9ef211db5af6e68216afa27733214c59b271f98c
SSDEEP

1536:psenF6S5wOs60ImnU5GaaKivo588RxTgcHdjt:SenV5Ss8aG7A588ngc9j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26d78f66a61abc5c378fb75f7cac4646

Files

26d78f66a61abc5c378fb75f7cac4646
.exe windows:4 windows x86 arch:x86

103d340184135aff11882bc24b72daf4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
SetFilePointer
GetModuleHandleA
GetCurrentProcess
WriteFile
CreateFileA
GetLastError
LoadLibraryA
SetFileAttributesA
GetProcAddress
GetStartupInfoA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
OpenProcessToken

user32

GetForegroundWindow
GetClassNameA

winmm

mixerGetLineInfoA
mixerSetControlDetails
mixerOpen

msvcrt

_XcptFilter
__p__commode
_adjust_fdiv
_controlfp
_except_handler3
__set_app_type
??3@YAXPAX@Z
sprintf
__CxxFrameHandler
_exit
__setusermatherr
exit
_acmdln
__getmainargs
_initterm
__p__fmode

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ