80476ee4233c618a016acfba7da33e64 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

80476ee4233c618a016acfba7da33e64
Size

637KB
MD5

80476ee4233c618a016acfba7da33e64
SHA1

aebfcc4a99935582744ed6f392db1311479c6a56
SHA256

3dfdf2d46ed9fe4e7155d4577aa29fc4b972f57899f47df1e3d2a49087288277
SHA512

68b5a2f3142dec951fbc951235fe433c957442cdf3194304dbda9d59cbec0b7b4f8dbc4a219ff487a9747844d6828208f420eb3935e06ff68c061dcb8a855068
SSDEEP

12288:JRDi8qTUQ9r0wR2M2cx/QdsKmXvrgvzb17nRDoJ:JRH0UQdx2Fcy+K0jwNLRD+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
80476ee4233c618a016acfba7da33e64

Files

80476ee4233c618a016acfba7da33e64
.exe windows:4 windows x86 arch:x86

d66865b23bc387b35235d3477a18fc51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
VirtualProtect
GlobalMemoryStatus
GetTapeStatus
HeapDestroy
GetTimeFormatA
HeapCreate
GetUserDefaultLCID
GetModuleHandleA
ResumeThread
GetOEMCP
GetCommandLineA
PeekConsoleInputA
GetSystemTime
GlobalSize
InterlockedExchange
IsDebuggerPresent
GetCurrentProcessId
LoadLibraryA
FreeConsole
GetACP

user32

AnyPopup
GetDC
FrameRect
GetCursorPos
GetClassNameA
wsprintfA
GetTitleBarInfo
ShowWindow
SetForegroundWindow
GetFocus
EndPaint
ReleaseDC
DrawTextA
CreateIcon
FillRect
GetWindow
DragDetect
GetParent
BeginPaint

ntshrui

SetFolderPermissionsForSharing
IsFolderPrivateForUser
IsPathSharedA
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ