797d3449d0adbc31a77baa0517dfd01a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

797d3449d0adbc31a77baa0517dfd01a
Size

120KB
MD5

797d3449d0adbc31a77baa0517dfd01a
SHA1

dcee5bf446c17f2f18c23e5966495f60748b201a
SHA256

85c492c9dd459132eae18fc78307e7bb8e3149a99e3218483e9692f0ffa39ff9
SHA512

b7e899be87623489e2dffb1f717744ade0f5d42a60f02d874a96af53330a3e6227a04c11530d98def9faffe74a3d3fd37292762c43f2b9c9de92408b80cbc99e
SSDEEP

3072:CeWqhLWoyBSGRtSYSNdKHv6P5YIRKKmu3Bb8ey:CELWoyBSotSYSN86PJRzth

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
797d3449d0adbc31a77baa0517dfd01a

Files

797d3449d0adbc31a77baa0517dfd01a
.exe windows:5 windows x86 arch:x86

c0cc63898f25a536f8b2e2ce105d7600

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\saaduJb\HnKUh\yrsUrbLG.pdb

Imports

gdi32

ExcludeClipRect
EndPath
ExtFloodFill
GetTextFaceW
AddFontResourceW
GetStockObject
CreateSolidBrush

user32

SetWindowPlacement
LoadImageW
SetParent
SendDlgItemMessageA
GetWindowLongA
DialogBoxParamW
DrawIcon
GetWindow
GetScrollPos
KillTimer
DrawFocusRect
GetClassInfoExA
LoadIconW

kernel32

SetMailslotInfo
GetCurrentThreadId
SetFileApisToOEM
FindCloseChangeNotification
lstrcmpiW
GetProcAddress
lstrcpynW
FindClose
FormatMessageA
GlobalAddAtomA
DuplicateHandle
LoadLibraryW
lstrcmpA
GetAtomNameW

Exports

Exports

?iLxOjBarsgale@@YGMDPAI@Z
?tzejUBddwrzB@@YGJDF@Z
?hcthzcdugxjaziEBev@@YGPAIPAME@Z

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ