Static task: static1
Behavioral task: behavioral1
Sample: 7a5db3806759bbbb1139b80c852fe48b.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 7a5db3806759bbbb1139b80c852fe48b.exe
Resource: win10v2004-20231222-en
General
Target: 7a5db3806759bbbb1139b80c852fe48b
Size: 325KB
MD5: 7a5db3806759bbbb1139b80c852fe48b
SHA1: cfefbd064c8cedf5b35b2b386364b4fb2252315c
SHA256: 9d77255e52e40142aa05d885a53a1b9e42c5beb69f44e519157d7c5107694907
SHA512: 01604dbf22a98a211f82bbf9cf9fffe327335b4dd7fdf1cd69e49af4eb7cf01c25a19e9f0852b464909cd4ad81f1a39e318c72c7b5cd145aa8a33aa079ffd517
SSDEEP: 6144:+MGuVHHsrY5r7km8L3EtPg0KrotYhUiEN3mmt7+UQJpN/6pXXxXntcPHj:+ruhH3I0tPSoteU/MmYUUvoxXtc
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 7a5db3806759bbbb1139b80c852fe48b
Files
7a5db3806759bbbb1139b80c852fe48b.exe windows:4 windows x86 arch:x86
e9dba51f5ef30aca8e067823d3d7c93a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
TranslateMessage
PostQuitMessage
kernel32
HeapAlloc
GetStartupInfoA
GetModuleHandleA
WriteConsoleW
GetStringTypeA
GetCommandLineW
ExpandEnvironmentStringsA
SetLastError
WriteFile
QueryPerformanceCounter
FindResourceW
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
FindClose
VirtualQuery
HeapReAlloc
GetLastError
FreeEnvironmentStringsA
TlsFree
ExitProcess
GetProcessHeap
msvcrt
_strcmpi
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 319KB - Virtual size: 318KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE