79afbe3577e6a76a0c7357e1f2ac467e | Triage

Sharing

General

Target

79afbe3577e6a76a0c7357e1f2ac467e
Size

24KB
MD5

79afbe3577e6a76a0c7357e1f2ac467e
SHA1

fa2da1d323e19ce0816e87148e43aa248931cb01
SHA256

da8e6103e836aee7b8d59d08f95c6507a16477664137c520ff928715d5f4a04c
SHA512

329ece39b28dc524958a863259f8f4e041b2e3f4cebfad7b18f060fe2360098b6db9a1e5105ca3a7f312f6f348d8d28e6469acc8fba5c13fa4d848cf446caed4
SSDEEP

192:HKrWAstBvJnEdCGeNdvsSJ0dRSrQXF8IWFmZBdZDqeFgIVBw+yny9viQhEyyYeBI:fBB8MbdRNmlIeNRMyyRBL+rhdo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79afbe3577e6a76a0c7357e1f2ac467e

Files

79afbe3577e6a76a0c7357e1f2ac467e
.exe windows:4 windows x86 arch:x86

7dd41bd71156150252e023c2bd94c73e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
WinExec
WideCharToMultiByte
HeapAlloc
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP

user32

DefWindowProcA
KillTimer
PostQuitMessage
CreateWindowExA
SetTimer
RegisterClassExA
FindWindowA
GetMessageA
DispatchMessageA
TranslateMessage

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE