799b2537fb5ed348f28b024c6c9f7d34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

799b2537fb5ed348f28b024c6c9f7d34
Size

54KB
MD5

799b2537fb5ed348f28b024c6c9f7d34
SHA1

2c306bf13ee5d98c26a8e3a2381a362483f6fc60
SHA256

3a443bef6a9375b38330330d1a5a496e9f9974366fed6aa6e895709cfc505951
SHA512

9e0309676c0b391cb71a7704178713cc86996d2e6f46cb083e19701a09ebd287a102cf1e3f30930e53bfa6e68f12117d38f5271942529302fb3dad6453d4c26f
SSDEEP

768:72pRNrsGZloUdzRitpcTMqWNU+KD4FV2LsR:72vqu/epqMqqU+hV2o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
799b2537fb5ed348f28b024c6c9f7d34

Files

799b2537fb5ed348f28b024c6c9f7d34
.exe windows:4 windows x86 arch:x86

fbf6e3c8487145f6c20aa3afd7916396

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

AddAtomA
DeleteFileA
ExitProcess
FindAtomA
GetAtomNameA
SetUnhandledExceptionFilter

msvcrt

_fstat
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
abort
atexit
exit
fclose
fgetc
fopen
fprintf
fputs
fread
free
malloc
memcmp
memcpy
memset
perror
printf
setbuf
signal
sprintf
strcpy
strlen
system

user32

FindWindowA
GetForegroundWindow
GetWindowLongA
ShowWindow

comdlg32

GetOpenFileNameA

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ