78a776aa78900f29d47983deeec7052f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78a776aa78900f29d47983deeec7052f
Size

424KB
MD5

78a776aa78900f29d47983deeec7052f
SHA1

282cabe15a7310ebbc5a58a0b51ead35b945146b
SHA256

84527fdd7a62ac73cbe627648e3070682fd2ad24454d08fd0cfdbd48e47ef7c6
SHA512

38cee5c2cc52232c5467678552164e9355d77fce444d210535e1f62f0a95cb98dc3520e8467690c9cf3e45451306ebe871872ad7c46f88b2562eb39593d55b45
SSDEEP

12288:g6h5mf3I2iwDzgn3Y5h6sriJdIDXDM0bF9b7:rXa3Kw/gnShk8zMgb7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78a776aa78900f29d47983deeec7052f

Files

78a776aa78900f29d47983deeec7052f
.exe windows:4 windows x86 arch:x86

a84af70d72074e85c450f5c5ae447008

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
InterlockedExchange
GetLocaleInfoA
HeapCreate
GetACP
SetErrorMode
CloseHandle
EnterCriticalSection
LoadLibraryExA
GetStdHandle
RaiseException
GlobalFree
ResetEvent
GetLogicalDrives
Sleep
FindFirstFileExA
ReleaseMutex
VirtualProtect
GetSystemDirectoryA
GetLastError
GetCommandLineA

user32

SetForegroundWindow
GetCursorPos
ShowWindow
GetFocus
ReleaseDC
FlashWindowEx
BeginPaint
DrawTextA
GetClassNameA
FrameRect
IsIconic
wsprintfA
GetActiveWindow
GetParent
FillRect
GetWindowTextA
ValidateRect
GetWindow
EndPaint

dnsapi

DnsFree
DnsApiFree
DnsStatusString
DnsApiAlloc
DnsApiRealloc

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ