7878499d72e0b8460f3c606d2658798e | Triage

Sharing

General

Target

7878499d72e0b8460f3c606d2658798e
Size

144KB
MD5

7878499d72e0b8460f3c606d2658798e
SHA1

7aeb43aa8e7d8468310106ad4b6b9f293afe57b4
SHA256

57be065e22e1f529e063352057ccd6e9d1f1808ab381aca9b899868d60d27b2c
SHA512

7847818dbcf41fe8c5c693f08e5cdf7f14c8779f89ca804c2e1bd2f4de1efdb683d7ab8037580f90a2c83e086025e501ce6278840a5a5ded572a66144cf1d933
SSDEEP

3072:rfDA0xv3r7UL6YldSIhpXqtyrnbqy6Rqx2lLVHHg+9ZPS3fkEuT5piW88HrS8AQ6:rfsukLtXSI3XqSgRVZg+LaRu+NGrz89L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7878499d72e0b8460f3c606d2658798e

Files

7878499d72e0b8460f3c606d2658798e
.exe windows:4 windows x86 arch:x86

558aceb7bb7173a35abbbec52e27df79

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

LdrLockLoaderLock
LdrSetDllManifestProber
LdrShutdownThread
NtAlertThread
NtClearEvent

shell32

SHLoadInProc
DragQueryFileW
ShellAboutA
ShellHookProc

comctl32

ImageList_LoadImageW
ImageList_Write
CreateStatusWindowW
ImageList_DrawEx

kernel32

DeleteFileW
CreateMutexW
GetTapeStatus
CreateFileW

Sections

.text
Size: 67KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE