Static task
static1
Behavioral task
behavioral1
Sample
7fe1468cba765327ce4433861cca650a.exe
Resource
win7-20231129-en
General
Target
7fe1468cba765327ce4433861cca650a
Size
179KB
MD5
7fe1468cba765327ce4433861cca650a
SHA1
ed78f7ae2fbe55a44a589b5a4acc20e3fb63ba30
SHA256
5953091623b88759d41d8aac0b3800078a09986e01f4fc72ce728577af1a6921
SHA512
3321e58ea4cacfa8c18ca54fdba94e41c488e8f0efcc4e8c842c5365a9432e4cc24a8bce59b51b8f35db3584628afa5dc869eba8c271a1f9850996bb1c9c754e
SSDEEP
3072:Fz87oYZRFepdRwrnqKfHPWWL7mQ7i/bJW30nmnvg4SkS:5S3YkqgzYEknio
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7fe1468cba765327ce4433861cca650a
Files
7fe1468cba765327ce4433861cca650a.exe windows:4 windows x86 arch:x86
f1d8674e507f3b7415f59978f9129b34
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalAlloc
GlobalGetAtomNameA
CreateDirectoryA
LoadLibraryExA
WritePrivateProfileStringA
LoadResource
GetPrivateProfileStringA
IsDBCSLeadByte
FormatMessageA
CreateFileA
GetTickCount
WriteProfileStringA
EnumResourceTypesA
GetProcessTimes
lstrcpyA
GetProfileStringA
lstrcatA
GetModuleFileNameA
GetCommandLineA
GetPrivateProfileIntA
GetCurrentProcessId
GetPrivateProfileSectionNamesA
SetUnhandledExceptionFilter
IsSystemResumeAutomatic
GetPrivateProfileSectionA
TerminateProcess
GetFileAttributesA
SizeofResource
SetErrorMode
FindResourceA
lstrcpynA
version
GetFileVersionInfoA
shell32
SHIsFileAvailableOffline
SHBrowseForFolderA
DragAcceptFiles
SHGetPathFromIDListA
ShellExecuteExA
SHGetFileInfoA
Shell_NotifyIconA
Sections
.text Size: 86KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ