78b6d3d1be6ae7c7b63a9c3c053f11a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78b6d3d1be6ae7c7b63a9c3c053f11a5
Size

139KB
MD5

78b6d3d1be6ae7c7b63a9c3c053f11a5
SHA1

91451afe3a5e571f0f0a0aaac413645e7d39ab9a
SHA256

31b80d87936637ce0892fc8cd40fb7d0afb2c03c534a3918727ed550ac3d2d49
SHA512

1a47fb413c79b1b473a167a68d05f65910774e394dd488e208cf024eea2d14142dc939b43f4eef1e23629ee42c6a762e5bb1cbfb7091faf636547ca06e3f303b
SSDEEP

3072:slQ9kUDVk4SNqpaHljG4czZNnZjOrXEzX0VTc7DY5L:YmHPulYndOLbWDYB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78b6d3d1be6ae7c7b63a9c3c053f11a5

Files

78b6d3d1be6ae7c7b63a9c3c053f11a5
.exe windows:5 windows x86 arch:x86

d1f391de2fe705042372a9399c85928c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
RtlMoveMemory
SizeofResource
LoadLibraryA

user32

SetPropA
MapVirtualKeyW
GetMenuState
GetAsyncKeyState
CallMsgFilter

gdi32

SetGraphicsMode
CombineTransform
ExtFloodFill
OffsetClipRgn
EnumObjects

advapi32

ChangeServiceConfig2A

Exports

Exports

ipdzjzafqbb
kjxvnrzjrkp
mtdkcjurf

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ