Static task: static1
Behavioral task: behavioral1
Sample: 750f4d40e443c969073894cd21f85172.exe
Resource: win7-20231215-en
General
Target: 750f4d40e443c969073894cd21f85172
Size: 148KB
MD5: 750f4d40e443c969073894cd21f85172
SHA1: 03bcfdf36d8a19bb97d4732c15d319fc1da14773
SHA256: 5c26a13f8b4dea60f2634a29c52ce9a461c69a312876b969b84c3597c1e8824f
SHA512: 9384c0112d4324570c7d139605da0c07e2ae7f0a719492801cf83cc00b61620762bf3764656a75f44d46c4b76ec7e275981597790288caa558f323aa74f4ce95
SSDEEP: 3072:jR4VPnzEo4yXkcV0cMkTUQeljJatTuzAikZ6J:V4aoRFMDaZuMpZ6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 750f4d40e443c969073894cd21f85172
Files
750f4d40e443c969073894cd21f85172.exe windows:4 windows x86 arch:x86
4af7b28c9773b8a22744e6cedf21731a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
Shell_NotifyIconA
SHGetFolderPathA
SHFileOperationA
kernel32
IsBadReadPtr
lstrlenA
LoadLibraryA
ExitThread
ExitProcess
GetCommandLineW
GetLastError
GetModuleHandleA
GetVersionExA
GetModuleHandleW
GetProcAddress
VirtualAlloc
lstrlenW
LoadLibraryExA
user32
CharLowerBuffA
CharToOemA
CallWindowProcA
CallNextHookEx
CharNextW
CharNextA
AdjustWindowRectEx
CharLowerA
BeginPaint
CharUpperBuffA
Sections
.text Size: 104KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 477B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: 4KB - Virtual size: 970B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bdata Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ