276db1f77e846974dc82bb3754aff65d[.]exe | Triage

Sharing

General

Target

276db1f77e846974dc82bb3754aff65d.exe
Size

263KB
MD5

276db1f77e846974dc82bb3754aff65d
SHA1

c20077e42be5351069c49cb6989d76d74169e777
SHA256

5a7a915498f8da66026fe8dfd6f5cada62b8804c2678fbeb78c7bce666d644a6
SHA512

cc53938cb2a94375f83cfa65302af27bde1c58244540aaf0a31812ccf227651c6b3a08cce70dce556269aacc009382e18b6e5e963f05ddba4e880cf0c289917e
SSDEEP

6144:Sy5/LVNQhyZUbTeCHrvDeWCW5d5zCqoF3igW+irObnxSKtaN4cps:fQhyZwCCHTAWH5CqokgOrObxSeaFm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
276db1f77e846974dc82bb3754aff65d.exe

Files

276db1f77e846974dc82bb3754aff65d.exe
.exe windows:4 windows x86 arch:x86

d41395ad71b015b09d6bbabe17e0d3d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSFreeMemory
WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSRegisterSessionNotification

oleacc

LresultFromObject
AccessibleObjectFromPoint

kernel32

GetStdHandle
WideCharToMultiByte
LoadLibraryW
HeapSize
GetModuleHandleA
GetCurrentProcess
GetEnvironmentVariableA
HeapFree
HeapDestroy
GetSystemTime
GetLocaleInfoA
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedCompareExchange
UnhandledExceptionFilter
HeapFree
InterlockedExchange
RaiseException
CreateFileW
GetTickCount
QueryPerformanceCounter
EnumResourceTypesA
lstrlenW
HeapAlloc
GetProcessHeap
SetUnhandledExceptionFilter
LocalAlloc
GetStartupInfoA
LoadLibraryExW
HeapReAlloc
CompareFileTime
MultiByteToWideChar
CloseHandle
lstrlenA
TerminateProcess
Sleep
WriteFile
IsDebuggerPresent
GetThreadLocale
GetCurrentThreadId
GetACP
CreateProcessA
SystemTimeToFileTime
lstrcpynW

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ