77b1ca2f27f1fda3b6a43d1acd524710 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77b1ca2f27f1fda3b6a43d1acd524710
Size

242KB
MD5

77b1ca2f27f1fda3b6a43d1acd524710
SHA1

4d7f6c7078be1eaf9c7e038e47aed0c7077700a9
SHA256

cff63859b66f88a8ee98655df22ee0e2ae7f16c1d601afa8d7c982147f0c213e
SHA512

a1541199f1d376ead44ac9130eb34b0eda7c7f84fded191cdc15ae6c0ab3be950021e2b6159ea69b0eddde459c17431f65bb1394bfd1c38a32c71bf267e09bb8
SSDEEP

6144:2Om3+GoihAffSA2wk7pMOhBdq7IlTkYNk7aEQq4Mfum:21FoihqffYMOvdq7IIYZEaM/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77b1ca2f27f1fda3b6a43d1acd524710

Files

77b1ca2f27f1fda3b6a43d1acd524710
.exe windows:4 windows x86 arch:x86

cf8bf2d78196f60ea40fca0e27b0fe6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetDriveTypeW
Sleep
GetModuleFileNameA
TlsSetValue
GetACP
GetSystemDefaultLangID
IsDBCSLeadByte
VirtualAlloc
TlsFree
GetLogicalDrives
GetCommandLineA
TlsAlloc
lstrcatA
GetCurrentProcess
FreeLibrary
lstrcmpA
TlsGetValue
GetModuleHandleW
GetCurrentThread

user32

GetSystemMetrics
GetWindowTextLengthA
RegisterClassA
IsIconic
BeginPaint
GetDC
ShowWindow
ReleaseDC
GetWindowDC
GetFocus
GetClassLongA
GetWindow
IsWindowVisible
GetActiveWindow
GetWindowLongA
CreateWindowExA
GetForegroundWindow
UpdateWindow
GetWindowTextA

advapi32

RegQueryValueExA
RegCreateKeyExA
IsTextUnicode
GetUserNameA
RegCloseKey
RegOpenKeyExA

clbcatq

SetSetupSave
SetSetupOpen
DowngradeAPL
ComPlusMigrate

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ