781cc50feae0103a6437b6455d452a45 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

781cc50feae0103a6437b6455d452a45
Size

130KB
MD5

781cc50feae0103a6437b6455d452a45
SHA1

1498cd3e5120b75ce2132a64871a037282252226
SHA256

d006bef7a10a4118d400ed3921dd1e0726a0f4635d6c650ad50bcaf24d090462
SHA512

25c2fd333649a3135e0eaebeacc182b53b91dd32481306a9db4156f0d7342e2451c45f2f5fc8e52f04211109d374b072ba97cbff6727196dfa7536e90d66d6c3
SSDEEP

3072:f8012XnUA2cdI11TbonxK2yESTmD6v83pk99khX86:05VSTonxKWc1MB8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
781cc50feae0103a6437b6455d452a45

Files

781cc50feae0103a6437b6455d452a45
.exe windows:1 windows x86 arch:x86

bae015a4eff7c5c4004af9e723b53b5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
CreateFileW
GetCurrentThreadId
MultiByteToWideChar
GetCommandLineW
SetFilePointer
GetCurrentThreadId
SetFilePointer
lstrcmpiW
GetStartupInfoA
lstrlenW
CreateFileW
WideCharToMultiByte
HeapFree
EnterCriticalSection
HeapAlloc
GetCurrentProcessId
UnhandledExceptionFilter
DeleteCriticalSection
GetCommandLineW
GetVersionExA
lstrcmpiW
InitializeCriticalSection
InterlockedIncrement
lstrlenW
HeapFree

user32

RegisterClassExW
GetSubMenu
IsDialogMessageW
CreateDialogParamW

shell32

SHGetFileInfoW
Shell_NotifyIconW
DragAcceptFiles
CommandLineToArgvW

Sections

.text
Size: 123KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE