7a1180a0a22687bffbcd1dfc35330207 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7a1180a0a22687bffbcd1dfc35330207
Size

748KB
MD5

7a1180a0a22687bffbcd1dfc35330207
SHA1

7716f6169ccd694206478d5a3fb3d1fbd79e93c4
SHA256

5c8d5cbf15caa44ebf487a2b7c9c1e98853a25e1395c7450ad712c65535e3ebb
SHA512

f028136ce9a237a276b7c82aedcf18ee246801b87398c2ecc1cba7e9dd671f18af5252e4f4c2eb650d099d48aaaa1ad6316f55389e0270d7b5fb85db89bb1fb9
SSDEEP

12288:vdQusJz4HySftATxzseveSJ1WkvfHn/x/XjQexywtceXXz4OVNt7+SyreEIBfEcO:vhsJCySlAtA2jPWMfZXjQyNXjV/+SpBn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a1180a0a22687bffbcd1dfc35330207

Files

7a1180a0a22687bffbcd1dfc35330207
.exe windows:5 windows x86 arch:x86

b06f2941cb438320cefb7443db354bc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetCurrentDirectoryW
GetCommandLineA
FindVolumeClose
GetDriveTypeA
FindClose
WaitForMultipleObjects
ExitThread
IsBadReadPtr
CreateSemaphoreA
HeapCreate
HeapFree
GetModuleFileNameA
CloseHandle
VirtualQuery
WriteFile
GetModuleHandleA
lstrlenA
LocalSize
CancelIo
CreateDirectoryA
GetFileTime
GetCurrentThreadId
GetFileType
FindVolumeClose

uxtheme

OpenThemeData
GetThemeTextMetrics
GetThemeSysSize
CloseThemeData
DrawThemeBackground
SetWindowTheme
GetThemeBool
CloseThemeData
DrawThemeEdge
IsThemeActive
GetThemeColor
GetWindowTheme
GetThemeTextExtent

fmifs

Extend
Extend
Extend
Extend

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE