Static task
static1
Behavioral task
behavioral1
Sample
76485fd4798cb10ed118cbaec9ba0e80.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
76485fd4798cb10ed118cbaec9ba0e80.exe
Resource
win10v2004-20231215-en
General
Target
76485fd4798cb10ed118cbaec9ba0e80
Size
53KB
MD5
76485fd4798cb10ed118cbaec9ba0e80
SHA1
295428c66d8d53e78855cbc3f1934a9698cf9122
SHA256
3dc8c89cdc72d08cc3fdb6e92b9a425b794350718c147aba2bb4b82380433add
SHA512
0cc8dd75cc88f9a7b3da31cd58b44d0b3b51bef108893b692367ce9518842ac3c9503cb4e47673784968e20f8100976bd49d91aa26a705cf1bf2decd25d1a619
SSDEEP
768:b/qWhHDieFOw3iRkf5UdDF91ELPV5WGVPVIf6T/O24bioDL6ShBE:LTLFOSiJDFk8GVNIf6T2TDk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 76485fd4798cb10ed118cbaec9ba0e80
Files
76485fd4798cb10ed118cbaec9ba0e80.exe windows:5 windows x86 arch:x86
1b3f6f7e8b1e7a4bf56d07beb83511b4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegQueryValueExA
kernel32
lstrcpynW
shlwapi
PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIA
StrCmpNIW
StrStrW
wvnsprintfA
wvnsprintfW
user32
DispatchMessageA
DrawIcon
GetClipboardData
GetForegroundWindow
GetMessageA
GetWindowLongA
GetWindowTextA
OpenWindowStationA
PeekMessageA
Sections
.text Size: 43KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.datax Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.code Size: 6KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 992B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ