766fd74a439431ff78abfab1f7cb0bbc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

766fd74a439431ff78abfab1f7cb0bbc
Size

717KB
MD5

766fd74a439431ff78abfab1f7cb0bbc
SHA1

14303288603648940051e75041d9d63d00976464
SHA256

539775f7b34e174fb2202daa430275da52b0fd9da8f4b7aa83c4d035cf422745
SHA512

f84689d918f48870849c3fe2342d8edc64ba317a5743c7ef5fafbfe2533f16734fd0cbeb6a2fb331f9f86805c612126e88135369d87a9bb7e7cde8ab9c578f72
SSDEEP

12288:KUqxSEDT5n4GhQn8LnzB4XG0wBtuycNTpvWLQ8c9GwtW8rsxyC3fpQ:OkyTyxnSN4XG00tsL+LQ8cswQwsYC3hQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
766fd74a439431ff78abfab1f7cb0bbc

Files

766fd74a439431ff78abfab1f7cb0bbc
.exe windows:4 windows x86 arch:x86

e2b46ad6689b520a223900ca0c4ef2fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
CompareFileTime
GetVersion
GetProfileIntA
GetModuleHandleA
GetTickCount
GetAtomNameA
ResetEvent
CloseHandle
GlobalUnlock
GetACP
LoadLibraryExA
lstrlenA
InterlockedExchange
HeapReAlloc
VirtualProtect
FindAtomA
HeapWalk
TlsFree
WaitForSingleObject
SetEvent

user32

GetParent
GetMenu
TranslateMessage
DispatchMessageA
GetSubMenu
DialogBoxParamA
MessageBoxA
ModifyMenuA
EnableScrollBar
PostMessageA
GetScrollRange
ShowWindow
DestroyMenu
InsertMenuA
GetWindowTextA
SetWindowPos
ScrollDC
SetSysColors
GetWindowLongA
LoadIconA
GetMenuStringA
PostQuitMessage
GetDlgItem
EqualRect
SetPropA
InflateRect
UpdateWindow
CopyRect
GetKeyboardLayout

msi

MsiEnumClientsA
MsiDoActionA
MsiEnumProductsA
MsiGetMode
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ