78040dc926b8dfb29b1c9d279396a848 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78040dc926b8dfb29b1c9d279396a848
Size

80KB
MD5

78040dc926b8dfb29b1c9d279396a848
SHA1

5f8d86e07010d89b54c62f02b44cd609710ca276
SHA256

50ca0787d0f28a490f749e74e3508605b7822ecdca8ef52911f6de467b2dd3e7
SHA512

7798f7762ab644c0ccd1e2edc91c84e15c6eba34b94090ba69a2e109759e4a862b9ad8391a4f5021f18d25a58ad6d88c8f23bc476803893f707bf6301a444ca9
SSDEEP

1536:WzKAU9JrM5+AaxMEggmN4hLcLJvnzqGt4hd1JAWnQRe4Qlo4fqKrrl:WzuMANWEmN40JvnzqGChdXAWee4Qlrq+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78040dc926b8dfb29b1c9d279396a848

Files

78040dc926b8dfb29b1c9d279396a848
.exe windows:4 windows x86 arch:x86

9aa6889d4e7a4eb50ef2b48f4be5dae5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
VirtualProtect
GetVersionExW
FindAtomA
Sleep
SetLastError
FindClose
SetEvent
GetLastError
GetModuleHandleA
FindResourceExA
CreateMutexA
GetTickCount
TlsGetValue
CloseHandle
CreateThread
OpenMutexA
lstrlenA
SearchPathA
ReleaseMutex

user32

IsIconic
CloseWindow
CreateWindowExA
CreateMenu
EndDialog
FlashWindow
EqualRect
GetMessageA
EnableWindow
DispatchMessageA
DialogBoxParamA
CopyImage
GetKeyState
DragDetect

loghours

DirSyncScheduleDialogEx
DialinHoursDialog
DirSyncScheduleDialog
DialinHoursDialogEx
LogonScheduleDialog

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ