Static task: static1
Behavioral task: behavioral1
Sample: 76286e61e17769f9744f616240284bda.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 76286e61e17769f9744f616240284bda.exe
Resource: win10v2004-20231215-en
General
Target: 76286e61e17769f9744f616240284bda
Size: 128KB
MD5: 76286e61e17769f9744f616240284bda
SHA1: 37d009bca0273f8532b792d1ad2bfdda57f1dded
SHA256: 25455b648db4f8d52a62f92c1e50a214e074bd1cd4e9ee9e3ed85d8b8cc09fa3
SHA512: 62dfe5a0c4e58da3f21a5d697c2467be02f247b5ca4322f97ee6270a53f41f0cd516e5bf1946c8908642ce3d26cfea66e5dc9a29f331ea7b4d9e1677d70a5c20
SSDEEP: 3072:BW/eMcXEobrWKh32IIIu2zOK4W1P776LCDf+wMcsYKNYG5SxHN:BW/1cXEYrFlIIuY1v62Df3+Y3Lt
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 76286e61e17769f9744f616240284bda
Files
76286e61e17769f9744f616240284bda.exe windows:1 windows x86 arch:x86
af78250acbfbaa2e3fa57979c0382978
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_initterm
__getmainargs
_acmdln
_adjust_fdiv
_exit
__setusermatherr
exit
memcpy
_XcptFilter
_except_handler3
__p__fmode
_controlfp
__set_app_type
__p__commode
gdi32
SelectObject
SetBkMode
DeleteObject
kernel32
GetModuleHandleA
GetStartupInfoA
VirtualAllocEx
VirtualFree
VirtualProtect
user32
GetDlgItem
GetMenuItemCount
InvalidateRect
DefFrameProcA
KillTimer
PtInRect
LoadCursorA
FindWindowA
IsWindowVisible
BeginPaint
EndPaint
IsDialogMessageA
RegisterClassA
wsprintfA
SendMessageTimeoutA
IntersectRect
Sections
.text Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ