7d8f51743feee080d66f748f06078271 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7d8f51743feee080d66f748f06078271
Size

198KB
MD5

7d8f51743feee080d66f748f06078271
SHA1

afc1ffd82bb0bb062d059caf4a636dae5a87f6a3
SHA256

37a7e61c18f646a2fc8376effb160f14925695c2d0b72f913956e58d5f4bcae3
SHA512

b644718fe1803385592bb32d676ecff562d49e7bfde14ce91f6483fc4b7335083a7a1cd7f186f6d4d31403ae8b712f427f50fc2bd4d0843deae61ba8b7c78fcc
SSDEEP

6144:yBn7yyk0SIgYkKIORtEg3wVcSKaSGi+Ees:Kn7aLIftZ3wVvQ+Ps

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d8f51743feee080d66f748f06078271

Files

7d8f51743feee080d66f748f06078271
.exe windows:1 windows x86 arch:x86

faceb54d724eb3bf28dc49c813e408a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_acmdln
__set_app_type
_initterm
__p__fmode
exit
memcpy
_adjust_fdiv
_XcptFilter
__p__commode
_exit
_controlfp
_except_handler3
__setusermatherr
__getmainargs

gdi32

CreateDIBSection
DeleteObject
DeleteDC

kernel32

GetCurrentProcessId
HeapCreate
GetLastError
GetModuleHandleA
HeapAlloc
SetErrorMode
GetStartupInfoA
VirtualProtect

user32

InsertMenuA
FindWindowA
ShowWindow
SendMessageA
LoadImageA
CreateWindowExA
ScreenToClient
LoadMenuA
GetUpdateRgn
SetMenuItemInfoA
CreateIconIndirect
EmptyClipboard
GetMenu
GetMenuItemCount
DrawMenuBar
GetWindowPlacement
GetActiveWindow
LoadIconA
LoadStringA
LoadAcceleratorsA
EndDeferWindowPos
GetUserObjectSecurity
BeginDeferWindowPos

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ