Static task
static1
Behavioral task
behavioral1
Sample
77e3c16df5047213f5761e319bbed1f2.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
77e3c16df5047213f5761e319bbed1f2.exe
Resource
win10v2004-20231215-en
General
Target
77e3c16df5047213f5761e319bbed1f2
Size
417KB
MD5
77e3c16df5047213f5761e319bbed1f2
SHA1
49058ad2a3d1ae34460b806f8593e18957613493
SHA256
04ebec516ed4718156a7133850b85e4f050a7b33c5cd6df3a46f66328636000e
SHA512
d7a5df07c6f7a41cf186c8ea0abd41be7b8e6d71e3d80a2ee379d7891d52ea5ba7c33bb47e80eab1e971660229d20cb27b973cd964fcd0dc8f31ee0e03eb0cc8
SSDEEP
6144:Orfva7gfJE2LNysc6ubiYl4+vRDp4MoR6Vp5od9:26oSyy9tiLkdyMooH5o3
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 77e3c16df5047213f5761e319bbed1f2
Files
77e3c16df5047213f5761e319bbed1f2.exe windows:5 windows x86 arch:x86
db72922a7018b773b487e2991a4ebf3b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
CloseHandle
GetCurrentProcess
ExitProcess
LCMapStringA
LoadLibraryA
user32
SetWindowLongA
CreateWindowExA
CloseWindow
CharLowerBuffA
wsprintfA
advapi32
RegEnumValueA
RegQueryValueA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegSetValueA
RegCreateKeyA
RegEnumKeyA
RegDeleteValueA
Sections
.text Size: 376KB - Virtual size: 376KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ