7539d6f7d01499759ff2f81b56ab3086 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7539d6f7d01499759ff2f81b56ab3086
Size

18KB
MD5

7539d6f7d01499759ff2f81b56ab3086
SHA1

e3121e16c814e5672ae6d189901c18e2cf1a4a4a
SHA256

1d944fe019821e6a3b0616927e1c12fcdc6a90f84d5bd33cc4499bec52b1dc59
SHA512

95fac2639e7854ac3ff9325c01492ca7dbf825cd7cb986ff4519e611c28b209f3eefad9585b0902b5b9603570d2107037448700d14c118c13c47cad255ab6ccb
SSDEEP

192:85goX3BEGW3smK1Yu/cIAGWBMa3Jaw1SVlDggPQEsisjSylVTj4NKOI:YxEp/KzZAGkZaw1SVl81EsRd1j4A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7539d6f7d01499759ff2f81b56ab3086

Files

7539d6f7d01499759ff2f81b56ab3086
.exe windows:4 windows x86 arch:x86

0317b49ac707ed66ddebfaf2e97d549b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
HeapDestroy
GetACP
CreateIoCompletionPort
GetProcessHeap
GetEnvironmentStringsA
GetTimeFormatA
VirtualProtect
GetTapeStatus
GetModuleHandleA
WaitForSingleObject
GetLogicalDrives
GetCurrentThread
GetCurrentProcessId
GetStdHandle
InterlockedExchange
HeapQueryInformation
GetProcessVersion
HeapCreate
LoadLibraryExA
GlobalMemoryStatus

user32

GetParent
DragDetect
wsprintfA
EndPaint
GetWindowTextLengthA
SetActiveWindow
SetForegroundWindow
GetClassNameA
ShowWindow
GetTitleBarInfo
BeginPaint
GetWindow
ReleaseDC
GetDlgItem
FrameRect
GetFocus
FillRect
GetCursorPos
DrawTextA

gdi32

CreateBitmap
CreatePalette
GetLayout
CloseFigure
GetClipBox

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ