79a1f9d891f24be386fb0cdeddf53d26 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79a1f9d891f24be386fb0cdeddf53d26
Size

165KB
MD5

79a1f9d891f24be386fb0cdeddf53d26
SHA1

0858b64eaf1f47ae9b8aedaef7ef2c2a204453f2
SHA256

4c77d0472dd10af6b5000b4c07c0858bbac5637a2c42491b00a898d39415e0b8
SHA512

4200ebc6fc6ffb14206032a77e694748f834bc003acb51df4b6ae2df4da4695a8e154f8ce7e136c1789d465b58c6e0d47bdd5748e72210739b990e4577414067
SSDEEP

3072:nCCgfGQ0j8GR52joElqvhsXoRfWHk6GRCOtmSJAHbEmOXnHTX5/N7J:CC6l0wGRQUEws4bDCAZAHGnHTX5lJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79a1f9d891f24be386fb0cdeddf53d26

Files

79a1f9d891f24be386fb0cdeddf53d26
.exe windows:4 windows x86 arch:x86

674d187d1ba53d03c39920fbf6459789

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
SetErrorMode
WritePrivateProfileStringA
GlobalGetAtomNameA
CreateFileA
lstrcpyA
WriteProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetModuleFileNameA
GetCurrentProcessId
FormatMessageA
FindResourceA
GetFileAttributesA
EnumResourceTypesA
LoadResource
SetUnhandledExceptionFilter
TerminateProcess
IsDBCSLeadByte
CreateDirectoryA
LocalAlloc
LoadLibraryExA
GetPrivateProfileIntA
GetProcessTimes
lstrcatA
IsValidCodePage
GetCommandLineA
GetProfileStringA
GetPrivateProfileSectionA
GetTickCount
lstrcpynA

shell32

SHIsFileAvailableOffline
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
DragAcceptFiles
ShellExecuteExA
Shell_NotifyIconA

version

GetFileVersionInfoA

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ