79ae2041375726f6c36e71eebfef9f92 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79ae2041375726f6c36e71eebfef9f92
Size

41KB
MD5

79ae2041375726f6c36e71eebfef9f92
SHA1

8b8a6aeba89dfcd0c7094b2e3068aa22d9cd73d4
SHA256

fff24432156a0146b5168ff434f67c419e617c16920009d2da977dc1bc81853e
SHA512

dfaed960ac8d21b6a59a2b5d3d04cc5a9e9c866a9a8dbddad26dd899e994677b63d867cfab619afd9794e29cc8521c17ecbe185ecaa411b0f649da5b9b65e194
SSDEEP

768:dvqsSlnjzgJVtftLNRKBwLp+7dtStTA5sep85uA5Mw+:Vqsynjzo4Wp2itTAaepwS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79ae2041375726f6c36e71eebfef9f92

Files

79ae2041375726f6c36e71eebfef9f92
.exe windows:4 windows x86 arch:x86

2d35a8e439eb5085f8d64e389adfab30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
OpenThread
EnumDateFormatsA
PrivMoveFileIdentityW
SetFileAttributesA
WriteProfileSectionA
FoldStringA
GetTempFileNameA
UpdateResourceW
GetLongPathNameA
GetNamedPipeHandleStateA

user32

GetParent
SetCursor
GetSystemMetrics
EnumDisplayDevicesW
UnregisterClassW
GetCaretPos
GetScrollRange
EnumDisplayDevicesA
SendMessageW
UpdateWindow
SetWindowWord
TrackPopupMenuEx
CharToOemA
CreateCursor
EditWndProc
SetTaskmanWindow
OpenDesktopA

gdi32

GetFontData
GetClipRgn
GetTextExtentPointW
GetICMProfileA
GetCharWidthA
MirrorRgn
SelectObject
CopyEnhMetaFileA
EngUnicodeToMultiByteN
STROBJ_dwGetCodePage

comdlg32

Ssync_ANSI_UNICODE_Struct_For_WOW
ReplaceTextA
PrintDlgExW
PageSetupDlgA
GetFileTitleW
ChooseColorA
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
dwLBSubclass
PrintDlgA
ChooseFontA

Sections

.text
Size: 5KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE