7f8eb835408f8218c34c33dc4a2e806b | Triage

Sharing

General

Target

7f8eb835408f8218c34c33dc4a2e806b
Size

62KB
MD5

7f8eb835408f8218c34c33dc4a2e806b
SHA1

d91b3f29bea6c8644b60aa0c317b3c475c625077
SHA256

b68255fe9072b8a33feec9a357dd0c5e04e34185682c1b2e1e3692b772699924
SHA512

6f4ff84a149c9789a164195c3f94a8cadac2c9dd85f3d8b339fd866d68e08ed3955e69422ffd5fc24828e62fbfc0440fb4e00262f2cb6bc670cf717ac46b95ce
SSDEEP

1536:vEzM6N51xwaEv4Y3uiqArohCv09grC/mMqwUVb:v6XxYvMa9v09aOjA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f8eb835408f8218c34c33dc4a2e806b

Files

7f8eb835408f8218c34c33dc4a2e806b
.exe windows:4 windows x86 arch:x86

e2a7207361cb04cb3d3c67fadb4ddb42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
ReleaseMutex
GetModuleHandleA
GetCurrentThreadId
GlobalLock
GetTickCount
HeapFree
SetEvent
GetEnvironmentVariableW
LeaveCriticalSection
EnterCriticalSection
GetUserDefaultUILanguage
UnmapViewOfFile
GetDiskFreeSpaceW
GetLocalTime
GetFileAttributesA
lstrcpyW
VirtualAlloc
FindFirstFileW
LoadLibraryA
GetAtomNameW
CreateEventW

user32

DispatchMessageA
GetWindowThreadProcessId
SetThreadDesktop
CloseDesktop
GetDlgItem
FindWindowExA
CloseWindowStation
GetClipboardData
GetMessageA
MsgWaitForMultipleObjects
PeekMessageA
OpenWindowStationA
CharLowerBuffA
OpenDesktopA

advapi32

CryptAcquireContextW
CryptDestroyHash
GetUserNameW
RegSetValueExA
CryptReleaseContext
DuplicateTokenEx
RegEnumKeyExA
RegCreateKeyExA

shlwapi

wnsprintfA
PathFileExistsW
SHDeleteKeyA
StrStrW
PathMatchSpecW
PathCombineW
wnsprintfW
wvnsprintfA
PathFindFileNameW
StrCmpNIA

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE