766b0b63a8bd468e7ca1c55067364170 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

766b0b63a8bd468e7ca1c55067364170
Size

636KB
MD5

766b0b63a8bd468e7ca1c55067364170
SHA1

e51ac76d1e2713594a569e97c8d82a48a2f4aef5
SHA256

33f645b99107a204e29d43fa0fdaf8ebd83c54e5bc1be3d6d0231d4be2be1a8a
SHA512

6a23b800d5c785a87e7672cd63e97b7d8b357b0230127232372570408b30c0b707fae16f870d8ab030210ab1c04fe39134ab85f8440303dad09678e12d033fa6
SSDEEP

12288:MAeFV4TULyn6WjrUpDLeswTzKuQ0Snf2ulV65CVJqP5:u4T6ArU5Lo6Ou+uJqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
766b0b63a8bd468e7ca1c55067364170

Files

766b0b63a8bd468e7ca1c55067364170
.exe windows:4 windows x86 arch:x86

13559ab01ccc0333108f771f3cc411d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
lstrlenA
GetTickCount
CloseHandle
SetConsoleCP
GetModuleHandleA
SuspendThread
GlobalUnlock
HeapReAlloc
GetVersion
LoadLibraryExA
CompareFileTime
InterlockedExchange
GetConsoleCP
VirtualProtect
GetStdHandle
HeapCreate
GetSystemDefaultLangID
GetCommandLineA
WaitForMultipleObjects
GetAtomNameA

user32

DialogBoxParamA
DragDetect
DrawCaption
SetPropA
CreateIcon
InvertRect
SetWindowPos
DragObject
DestroyMenu
DispatchMessageA
InsertMenuA
IsDialogMessage
FillRect
FindWindowA
CreateMenu
SetScrollInfo
GetKeyState
GetCursorInfo
GetKeyboardLayout
GetDlgItem

winmm

OpenDriver
PlaySoundA
auxSetVolume
CloseDriver
auxGetVolume

version

VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ