79cb37d2bca9d27c093c6f9e15e30afb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79cb37d2bca9d27c093c6f9e15e30afb
Size

102KB
MD5

79cb37d2bca9d27c093c6f9e15e30afb
SHA1

36820849f4dd96d7ef0235255ead90793143a58e
SHA256

8a9e0fc48444eb715210aa346b7c7e8a075dd558f92d67a4b3936868d1a28be3
SHA512

872add68129e213f15e9e086293efd226caf0c93119bed4a9ad061d51e2433379799270eec8e5da4efff31d386e7596ce0a9dc129ad5e3c86eb0e05124a91d91
SSDEEP

1536:z0Z0bi+LlQ+oCcSlM6qncOY5zjdGYHiMa+7aJlX5MRTk+pNhr0CN1:RbNlmCXsn+hhG3P+u29kI90C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79cb37d2bca9d27c093c6f9e15e30afb

Files

79cb37d2bca9d27c093c6f9e15e30afb
.exe windows:4 windows x86 arch:x86

4677abb09d14b900b33d11236e85527a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrRChrA
wvnsprintfA

imagehlp

CheckSumMappedFile

kernel32

lstrcmpiA
FreeLibrary
GetFileAttributesA
CopyFileA
CreateFileA
Sleep
DeviceIoControl
HeapFree
lstrcatA
GetFileTime
CloseHandle
SetFileTime
lstrcpyA
WriteFile
CreatePipe
lstrlenA
GetProcessHeap
HeapAlloc
GetFileSize
SetFilePointer
CreateProcessA
WaitForSingleObject
WritePrivateProfileStringA
DeleteFileA
GetPrivateProfileStringA
MoveFileExA
GetPrivateProfileIntA
GetTempPathA
GetTempFileNameA
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
GetVersionExA
GlobalAlloc
LoadLibraryExA
GlobalFree
CreateDirectoryA

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyA

shell32

CommandLineToArgvW
SHGetSpecialFolderPathA

ole32

CoCreateGuid

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mysec1
Size: 512B - Virtual size: 431B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE