79c25f00254f51fd17a38301a1dcb061 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79c25f00254f51fd17a38301a1dcb061
Size

5.2MB
MD5

79c25f00254f51fd17a38301a1dcb061
SHA1

1940ae991db0f91db81d9b3a0a45d2a501e849a3
SHA256

36926a4cbb68c2ff85335b0633508cfd4be61ea5c6e70ea3f5139bef92c8c042
SHA512

6609076713bb6b179d6ca4c07614c6f2ef2364b98f733ae880c805cf0ebfb31e9399e9c5b13d8c7d6bc5ef412b266224f3636e38986a6a6205871fed47fb4d37
SSDEEP

98304:3ZbBw3/l6uaRRS4vcy2GzUhLcNc2J4I8d9mSlOhhFctZZgdKtzZn+yfi4l+Z4/CO:tBwPlXIBLFUSNcc40SshwZgdKf+6igwg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79c25f00254f51fd17a38301a1dcb061

Files

79c25f00254f51fd17a38301a1dcb061
.exe windows:4 windows x86 arch:x86

191b325bc9f40dbeacb31cec5a223eba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
CreateWindowExA
DdeCmpStringHandles
ExitWindowsEx

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
lstrcpyA
Sleep

advapi32

RegQueryValueExA
RegSetValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex
GetErrorInfo

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

winmm

timeGetTime

Sections

.text
Size: 22KB - Virtual size: 29.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE