76effc199a918275ed304328158ec338 | Triage

Sharing

General

Target

76effc199a918275ed304328158ec338
Size

7KB
MD5

76effc199a918275ed304328158ec338
SHA1

edd42d786f1cce0b78f0fbdcd50613f3afae3e22
SHA256

440bafea0c2c4dc15bc6c291aee434f2ed9a760e81b3e5d97786615884d24cad
SHA512

ebefedc5ae1c87169d0bd9a601d6fcc6896614d4b568ea86f6956a8f0acc76c3c557f20232be72dff4b00d967b6a457b82c4a2eb6f7175e92fa1ed519941adb6
SSDEEP

192:7guXRby50YOgDXDNJevRYl0IRsWJWyKpnjaG7W:UuXRb82Ol0IxJWyynjaG7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76effc199a918275ed304328158ec338

Files

76effc199a918275ed304328158ec338
.exe windows:4 windows x86 arch:x86

5fcd07ea8e40d0174429b54ef8dff4df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
lstrcpyA
CancelIo
CreateProcessA
GetStartupInfoA
GetCurrentProcessId
GetThreadPriority
GetCurrentThreadId
GetProcAddress
FreeLibrary
GetACP
LoadLibraryA
GetTickCount
GetCurrentProcess
lstrcatA
MoveFileExA
CloseHandle
CreateFileA
lstrlenA
GetTempFileNameA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetShortPathNameA
GetLastError
CreateMutexA
GetCurrentThread
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
ExitProcess

user32

GetTopWindow
SetActiveWindow
GetCapture
wsprintfA
GetActiveWindow

gdi32

CreateCompatibleDC
GetBkMode
CancelDC
CreateCompatibleBitmap
GetBkColor
GetBrushOrgEx

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 61B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE