75ebf15ae0edfbb55649f0ba550cdece | Triage

Sharing

General

Target

75ebf15ae0edfbb55649f0ba550cdece
Size

1.5MB
MD5

75ebf15ae0edfbb55649f0ba550cdece
SHA1

8bf65878eb3a6a91fe0448d1b7f135eabca615a4
SHA256

786f7df9156b6dd8c898c132195b1271d00b9279bb971e586b3a9b0fa78809fc
SHA512

8b7a4c6a2ced6786439741edd3a6481f7efb0d248104915973bf976c7390e7cf8d1b57577d6a52fb44f8e2a737466923051a382aaf8b8071026a160cc2a9bc14
SSDEEP

3072:Pc53ye97q/AHKEtuqeoxKnYwqu6gTbHKPQHxe2JyoFdjNm:Pc53jiom6MYQffFd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75ebf15ae0edfbb55649f0ba550cdece

Files

75ebf15ae0edfbb55649f0ba550cdece
.dll windows:4 windows x86 arch:x86

e7d67ebfad7eefc73e20dc7f9e558bff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
CreateThread
FindClose
FormatMessageA
GetDateFormatA
GetFileSize
GetLastError
GetModuleHandleA
GetProcAddress
GetProfileStringA
GetWindowsDirectoryA
GlobalAlloc
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
LoadLibraryA
MulDiv
OpenEventA
ReadFile
SetCurrentDirectoryA
SetLastError
Sleep
VirtualAlloc
WaitForSingleObject
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrlenA

user32

AppendMenuW
CharNextW
CreateWindowExW
DrawEdge
DrawFocusRect
GetMenuItemCount
LoadCursorW
LoadImageW
LoadMenuW
ModifyMenuW
SendMessageCallbackW
SetWindowRgn
TranslateAcceleratorW

Exports

Exports

SfcGetFiles

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 974B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ