7667c8bf704453423147d8eace28e401 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7667c8bf704453423147d8eace28e401
Size

65KB
MD5

7667c8bf704453423147d8eace28e401
SHA1

19d7059fa400ae16d8e974a6567ac00fec341c7d
SHA256

860c4ea3cf7a6f91a212def699d4283abcd7ecb4bf70145ee8fd94c943fddff6
SHA512

91883e594521293de6a47265cdaf4af1c373735128a1ea1984deab615cb34204ae44c21613bb7b80b6c15bd5c64ae2e4ded91737263b694ba993d8a4863cfa80
SSDEEP

1536:NJYQgJKCyTsWvXq+ZROkCgDPra4DmaGeljwNfMeMlS:HhQOpiIRpDPxDmaNljdll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7667c8bf704453423147d8eace28e401

Files

7667c8bf704453423147d8eace28e401
.exe windows:4 windows x86 arch:x86

8cc88a160273c47c5b291cdaa55288e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptHashData
CryptCreateHash
CryptAcquireContextW
GetUserNameW
DuplicateTokenEx
RegSetValueExA
CryptDestroyHash
RegDeleteValueA
RegQueryValueExA
CryptGetHashParam
RegCloseKey
RegCreateKeyExA

kernel32

MultiByteToWideChar
GetFileAttributesA
GetFileTime
VirtualAlloc
lstrcmpiA
VirtualProtect
GetModuleFileNameW
LeaveCriticalSection
OpenMutexW
SetFilePointer
GetFileAttributesW
GetTickCount
CreateEventW
GetUserDefaultUILanguage
GetLastError
lstrcatW
GetModuleHandleA
lstrcpyA
FindNextFileW
GetVersionExW
GetFileSizeEx
GetLocalTime
lstrlenW
GetSystemTimeAsFileTime
GetModuleFileNameA
GlobalLock

user32

GetDlgItemTextA
DispatchMessageA
OpenDesktopA
ExitWindowsEx
CharLowerBuffA
CloseDesktop
GetClipboardData
GetCursorPos
ToUnicode
EndDialog
MsgWaitForMultipleObjects
GetIconInfo
GetWindowThreadProcessId
GetKeyboardState

shlwapi

PathMatchSpecW
PathCombineW
wvnsprintfA
StrStrW
wnsprintfA
wvnsprintfW
StrCmpNIA
PathFindFileNameW
StrCmpNIW
SHDeleteKeyA
wnsprintfW

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE