7c9c578fd3bd8c3c3a7c6bb738739997 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c9c578fd3bd8c3c3a7c6bb738739997
Size

164KB
MD5

7c9c578fd3bd8c3c3a7c6bb738739997
SHA1

bfa5451da82c10a54b62cb6019b47b6c22921fb4
SHA256

83c40ff3033ad44b108dee0a897baa55cc4f7cf9e1ac521f487b7b53c8687583
SHA512

9abb1754aacd87785fd79f09125a5a412a570b314b16cac67c74cd3ca63b1e9a016259cb86856e66bdc3f3593dc1a8fb955476ca25eebf09aa4a8fe7eca0dc10
SSDEEP

3072:aLJmm9yFuwRmz8/7HqNAa2aLK1pCFP8B1dNM8UCIo/xoRMQfvmcTkK:qmm9y68/7HST2a24P8VNk+Qfvmu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c9c578fd3bd8c3c3a7c6bb738739997

Files

7c9c578fd3bd8c3c3a7c6bb738739997
.exe windows:4 windows x86 arch:x86

e201989e2152e1d4329fe94736a19fc4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
GetComputerNameA
GetCurrentProcessId
CreateMutexA
GetCurrentThreadId
GetCurrentThread
GetSystemDirectoryA
ReadFile
WaitForSingleObject
CloseHandle
LocalFree
DeleteFileA
LocalAlloc
SetEvent
GetWindowsDirectoryA
GetModuleHandleA
ResumeThread
GetVersionExA

advapi32

GetUserNameA

user32

GetClassInfoExA
FindWindowA
RegisterClassA
GetSystemMetrics
GetActiveWindow
PostMessageA
CreateDialogParamA
wsprintfA
ShowWindow
GetWindow
GetForegroundWindow

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ