78a549426211e1682c4d374e4066d947 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78a549426211e1682c4d374e4066d947
Size

302KB
MD5

78a549426211e1682c4d374e4066d947
SHA1

c7c4ba6aa3e08db728db60908c260fb789d51b13
SHA256

303b06b8146380dd6f9ee4a3d6eeb02d6459d5b9bad1bfd309aa14c224621d62
SHA512

dfdce3fd9fb2b4a60184cf7c03f1cfc619aee8f408a220f11987e16222e52e85b0e3e232a9e4eb48781cf95627bc622afb5175edc37c84fa71e3d0ea7405406a
SSDEEP

6144:SgOiCbj7HdKD9kYTLL3T1TywzEysmvBWby6uc0WgIFgsbdZUa1s+dqqWt:SgbCbjbdKD9kAT1reGVE0eFgsXsq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78a549426211e1682c4d374e4066d947

Files

78a549426211e1682c4d374e4066d947
.exe windows:4 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

asp
Size: 247KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

asp
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

asp
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

asp
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

asp
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

asp
Size: 512B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

asp
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE