7ff00288f9c86c7dd6c7e9195aaf492f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7ff00288f9c86c7dd6c7e9195aaf492f
Size

334KB
MD5

7ff00288f9c86c7dd6c7e9195aaf492f
SHA1

a939f9b57a2b824d786ef61140752771f5e766a6
SHA256

04c9abe0a78e150eefcd73c06a2c302cb919da558f0fbef7504e792d33101ee7
SHA512

6ceae613815634b4a6793628ca5986273178589624643669978d1144865e41f252c18ae0e6e713c706a6611d5ccef54f8cb38697ba52f9c7e8e8beb1d458c9e4
SSDEEP

6144:IBZ1WiSmhdKDAO1s/j5xMQLtb9lbRZ4/5OyyLX/sc8hBZK46wBOmz/Ms6uSvQClA:iZ1WCKDA7j5R9lbR+NyTsThB4w3DTxNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ff00288f9c86c7dd6c7e9195aaf492f

Files

7ff00288f9c86c7dd6c7e9195aaf492f
.exe windows:5 windows x86 arch:x86

ebaf480b202a2fef2a2089021472f8db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash

kernel32

SetEvent

shlwapi

PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
wnsprintfA
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

CloseWindowStation
EndDialog
FindWindowExA
GetCursorPos
GetKeyboardState
GetKeyState
GetWindowTextA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA

Sections

.rudav
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qjcjkn
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zil
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ