7b68e1044e8a3ccb75b2b16d20139d2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7b68e1044e8a3ccb75b2b16d20139d2a
Size

177KB
MD5

7b68e1044e8a3ccb75b2b16d20139d2a
SHA1

f7071b31308e910d6a7f280d37bf3ee235214df2
SHA256

3e8cb4147c88cee0aff2314598638bb0e1277624107051973dd65767e70ccca8
SHA512

2897c3ca3c8c99e312e9ab19cf5567e468e4bb52829eeaa14d2fb81ead1ef109f545678066f10a3ee25876e028916689aa0eb90327a651cee1b978d31554bf96
SSDEEP

3072:BEObrE3xLE3A6ZE3XFEiWL+DEQ+ypVJVwxEsyPcRuRetNThjL1lsWcU:SdlEQRnFEiWGEQTpVbuEsZL1j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b68e1044e8a3ccb75b2b16d20139d2a

Files

7b68e1044e8a3ccb75b2b16d20139d2a
.exe windows:4 windows x86 arch:x86

f5a00edd4f0200c8514e7cbc1475cd26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

CloseCluster

user32

DefWindowProcA
LoadAcceleratorsA
EndPaint
SetWindowRgn
BeginPaint
MoveWindow
GetDC
IntersectRect
SetFocus
CharNextA
SetWindowLongA
GetKeyState
UnregisterClassA
GetDlgItem
GetWindowRect
SetDlgItemTextA
OffsetRect
DestroyWindow
ReleaseDC
PtInRect
EqualRect
GetActiveWindow
SetParent

kernel32

GetProcessHeap
GetLongPathNameW
HeapReAlloc
LoadLibraryA
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
lstrlenA
SetThreadContext
lstrcpyA
GetWindowsDirectoryA
GetFileAttributesA
GetVersion
HeapAlloc
HeapFree
EnumResourceTypesA
FindResourceA
lstrcatA
LoadResource
LockResource
IsBadWritePtr
lstrlenW
ExitProcess
DisableThreadLibraryCalls
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
EnterCriticalSection
InterlockedIncrement
InitializeCriticalSection
lstrcpynA
InterlockedDecrement
GetLocaleInfoA

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ