78d946fe048cd8426d48ddcd9a13d5d5 | Triage

Sharing

General

Target

78d946fe048cd8426d48ddcd9a13d5d5
Size

27KB
MD5

78d946fe048cd8426d48ddcd9a13d5d5
SHA1

fbae89801ffe17c9d82201bca5739fe5c6a88f69
SHA256

c28800000df61bce5e352d73b14ce407290db901eee83b04c77492ccc6a22764
SHA512

c7531df8d13b9e1fd753d05c74356d30891a913d1a4afee064e909665a3b8d73b2ef062d116e1f56bcf640d26d6e671c1339937e9391802b9006bbcc2ba5f696
SSDEEP

768:/5MRgoat3h+Wmmd8xqWmCia/Wkl992jfD2JJSfpU0:hMkRnmPxlm89K7ffl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78d946fe048cd8426d48ddcd9a13d5d5

Files

78d946fe048cd8426d48ddcd9a13d5d5
.exe windows:5 windows x86 arch:x86

42517ae2cb573e0862d0198402a6e6bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
EndPage
SaveDC
GetDeviceCaps
RestoreDC
MoveToEx
SelectObject
GetTextExtentPoint32A
SetMapMode
GetStockObject

user32

InvalidateRect
PtInRect
ReleaseDC
IsDlgButtonChecked
SetTimer
ChildWindowFromPoint
SetClassLongA
GetWindowPlacement
DrawEdge
GetWindowRect

advapi32

SetTokenInformation
IsValidSid
RegCloseKey
GetKernelObjectSecurity
LookupPrivilegeValueA
LookupAccountNameA
StartServiceA
AddAccessAllowedAce
OpenProcessToken
GetTokenInformation

ole32

OleUninitialize
OleCreateLinkFromData
CoIsHandlerConnected
OleQueryCreateFromData
OleCreateFromData
OleQueryLinkFromData
CoFreeUnusedLibraries
CoCreateInstance
CoGetStdMarshalEx
OleRegGetMiscStatus

kernel32

SetErrorMode
DeviceIoControl
FileTimeToLocalFileTime
FindResourceA
TerminateProcess
SetConsoleCtrlHandler
HeapDestroy
FindFirstFileA
GetFileType
InitializeCriticalSection
InterlockedExchange
TerminateThread
GetCurrentThreadId
CreateProcessA
VirtualQueryEx
lstrcmpiA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ