7b1b642837bd3467deda19f967a01cc4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7b1b642837bd3467deda19f967a01cc4
Size

120KB
MD5

7b1b642837bd3467deda19f967a01cc4
SHA1

a8e57849c4b9b6005463ec0d371753b79b4b8bd0
SHA256

491118a69eed05c435213aed2fb31fc1ccadff82b83eace2089559d5965f3dff
SHA512

4d689b03802ff081a16dfa292d43343fc43e4b11d52ddc14ed0e8a146a016b58f434d17ed7f9aed1efa613a4eacfea3331e1588cd99149ce96ce7505a430b5e0
SSDEEP

1536:ysfan8HGcj2u8MwgYxPFxzUHNoF8Du5pBUMuuTjBjkljPSwENx24bEA:p0Fcj2u1ZYdGheVuuTBo1w24bN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b1b642837bd3467deda19f967a01cc4

Files

7b1b642837bd3467deda19f967a01cc4
.exe windows:4 windows x86 arch:x86

0609005b98a09a7e0d701e7f7bf869fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fclose
malloc
strcmp
fopen
__setusermatherr
__set_app_type
_except_handler3
strlen
fwrite
_acmdln
_strnicmp
__p__commode
__getmainargs
_exit
_adjust_fdiv
sin
_onexit
_XcptFilter
_initterm
fprintf
free
exit

user32

GetDesktopWindow

kernel32

GetStartupInfoA
GetModuleHandleW

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE