77179138ab6d1b52445c465c5795f39a | Triage

Sharing

General

Target

77179138ab6d1b52445c465c5795f39a
Size

48KB
MD5

77179138ab6d1b52445c465c5795f39a
SHA1

5d7e57f70e095a945c7259d3accb5faf5598241a
SHA256

3834511b6856b6d15900059a44d75a3449c5c2207ad0ecac2b2e62f90f92bd7e
SHA512

c20f0a07726cb2009c72c59cdebcde6519d439ba7037ebc7617da60f08de26cdcdfd0602741f0ac21c98ab87bba4391bc6440b9ebf2bee84a4a86ba52f29c98f
SSDEEP

1536:RuUcVp5P/Dun+bfEsARefJYcufL4QAYnV:RuUchzk+rEFeG0/YnV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77179138ab6d1b52445c465c5795f39a

Files

77179138ab6d1b52445c465c5795f39a
.exe windows:5 windows x86 arch:x86

9ba78aa425dd9d61c0a9430dc4e45ce9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
SHDeleteKeyA
StrCmpNIA
PathCombineW
PathFindFileNameW
wnsprintfA
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIW
StrStrW
wvnsprintfW
wnsprintfW
wvnsprintfA

advapi32

CryptReleaseContext
DuplicateTokenEx
RegDeleteValueA
RegCloseKey
CryptCreateHash
CryptGetHashParam
RegQueryValueExA

Sections

.ihyz
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.unejcn
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bqv
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ