78b7cd81e8c76d0d3ccf7433033079c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78b7cd81e8c76d0d3ccf7433033079c0
Size

803KB
MD5

78b7cd81e8c76d0d3ccf7433033079c0
SHA1

1236845c996bf4a1788a96a5654adcdd7dae3a9a
SHA256

13119d5a843538d9833a1e1561d784e8c93914605dfe0783c84c29113d62d671
SHA512

ad6fa5eebb53f92111344b9f4e6443b510f38c02b3b8b77dc83c21f60a033f3f896aa447f05bd9b80207ff9c3c5b524acbceeff7a6e53b98f63d22f0c1060358
SSDEEP

12288:lqwTaz3tU7vHUcuDEWuliCYTq5CLAA07g3DpoDnNbjfRFRu7BqRmBdhHQ:8wT49kUcGDqh9L79DNb7XOqRqo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78b7cd81e8c76d0d3ccf7433033079c0

Files

78b7cd81e8c76d0d3ccf7433033079c0
.exe windows:5 windows x86 arch:x86

f9baaf09370b52b27997c068c854ba53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetModuleHandleA
DeleteFileW
GetDriveTypeW
OpenMutexA
OpenEventW
GetCurrentThreadId
GetTickCount
GetModuleFileNameA
GetVolumePathNameA
PulseEvent
CreateFileW
GetProcessVersion
SetFilePointer
GetConsoleMode
CreateFileW
GlobalFlags
CreateDirectoryA
LeaveCriticalSection
SetFileTime
DeleteFileW
FindAtomW
HeapDestroy
VirtualProtectEx
GetFileAttributesA

user32

GetWindowLongA
wsprintfA
GetWindowLongA
MessageBoxA
DestroyIcon
PeekMessageA
LoadCursorA
DestroyMenu
GetWindowTextA
IsMenu
SetRect
SetFocus
DispatchMessageA

dot3msm

Dot3MsmDisconnect
Dot3MsmFreeProfile
DllMain
Dot3MsmDeInit

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE