75879295ef6daf7f8cd035e9a04218d9 | Triage

Sharing

General

Target

75879295ef6daf7f8cd035e9a04218d9
Size

211KB
MD5

75879295ef6daf7f8cd035e9a04218d9
SHA1

a3e286680c49365945092e00a1f7daf29f1d6876
SHA256

796984b6441982bc882aa42f4eee533d01f7ee841039bdb0bc5c3526b3a16db6
SHA512

76b43d039e6d45195df7b697bbb1df93c455de364409c5dc25f49ca73acae249b8d04b966a426a74bb5e92c58d44880de243d7fa55b6427acc565c7809ad1968
SSDEEP

3072:DcgRimct5fFJ3EzhahRZ7LKT6JaWrr+RI+rgUk5CD/n:DcrzEg3VLu6JaQEI++5S/n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75879295ef6daf7f8cd035e9a04218d9

Files

75879295ef6daf7f8cd035e9a04218d9
.exe windows:4 windows x86 arch:x86

f8b0cc24b94f185c5111caa69c9ff479

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
SuspendThread
SetConsoleCP
GetCommandLineA
GlobalUnlock
InterlockedExchange
WaitForSingleObject
GetSystemDefaultLangID
GetStdHandle
VirtualProtect
LoadLibraryExA
GetConsoleCP
GetAtomNameA
HeapCreate
CloseHandle
HeapReAlloc
lstrlenA
WaitForMultipleObjects
GetVersion
CompareFileTime
GetModuleHandleA

user32

DialogBoxParamA
SetPropA
DestroyMenu
FindWindowA
IsDialogMessage
InvertRect
DrawCaption
GetKeyboardLayout
CopyImage
GetCursorInfo
InsertMenuA
CreateMenu
FillRect
SetWindowPos
EnableScrollBar
DragObject
DispatchMessageA
SetScrollInfo
GetDlgItem
CreateIcon
GetKeyState

advapi32

RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA
RegEnumValueA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 808KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ