76a55a66d134fff656b2d6203e511adb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76a55a66d134fff656b2d6203e511adb
Size

312KB
MD5

76a55a66d134fff656b2d6203e511adb
SHA1

a41b93d4359062188fb2f0c2c68998f3bc184df2
SHA256

d3af7bdbc942e8cb18e0ff2aa64629d67e5abda0d8fe79588526027efddadff7
SHA512

0cdd8cb643d2949494f446ed7fb4b91b7bdc3c4c4734894962007d2c62631a0c4c97649d48fb83546cc3017b2d9d920585a5fdda0949ec2d13a32462e7939b60
SSDEEP

6144:1H/5g9aMuem9vTHCIdXI8nFVKjdpYCqHX0bjKjREHhpPEf:N6DqldXI8nFVKUCPjmEPc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76a55a66d134fff656b2d6203e511adb

Files

76a55a66d134fff656b2d6203e511adb
.exe windows:4 windows x86 arch:x86

814d25f52dd5e04569bebd748b045e38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetOEMCP
Sleep
ResetEvent
GetACP
WriteConsoleA
CreateFileW
GetCommandLineA
MultiByteToWideChar
GetDateFormatW
WideCharToMultiByte
InterlockedExchange
GetSystemTime
GetSystemInfo
ExitProcess
LocalFree
HeapDestroy
GetModuleHandleA
GetVersion
FormatMessageA
GetCurrentThreadId
GetCommandLineW
VirtualProtect
lstrcmpA
GetCurrentProcessId
HeapAlloc
CreateEventA
CreateThread
SetConsoleCP
GetSystemTimeAsFileTime
GetTickCount
SetStdHandle

advapi32

RegOpenKeyExW
OpenSCManagerW
RegDeleteValueW

msvcrt

_CxxThrowException
_amsg_exit
_wcsnicmp
memmove
__setusermatherr

gdi32

DeleteObject

user32

CreateWindowExA
GetMenuItemCount
SetFocus
CreatePopupMenu
InvalidateRect

lz32

LZClose

ole32

CoTestCancel

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE