Static task: static1
Behavioral task: behavioral1
Sample: 878c566de276df6679ec513a6450f4b2.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 878c566de276df6679ec513a6450f4b2.exe
Resource: win10v2004-20231215-en
General
Target: 878c566de276df6679ec513a6450f4b2
Size: 185KB
MD5: 878c566de276df6679ec513a6450f4b2
SHA1: f2034a88a23cc38d6bf6aa8faa9173bc6b715b50
SHA256: 7df76a319373b547219b28e7222c97527bf6589ca2fa617e683517e98978d059
SHA512: 7257d443497fb78933208f5ae61e969dcd0eb46478901b2666e7299e3a5bee2e5a40396dbf4a03d693bf0e416ab7ba8160b81ed31fa0b497e606d80fb25cc867
SSDEEP: 3072:3k1qCmOEVlxJJLf8Lk8TpUjwIdunWQrHbMsKJDVHi+mvUQwKizTDLyn6OYBQfmzN:3k1ZmOgxJJ43dOdunX7MPJDVC+g6zjaG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 878c566de276df6679ec513a6450f4b2
Files
878c566de276df6679ec513a6450f4b2.exe windows:5 windows x86 arch:x86
4727e6fb4b45da20df53ef00054d359f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
  PropVariantChangeType
  BindMoniker
  CoGetObject
  CLIPFORMAT_UserFree
rpcrt4
  NdrAsyncClientCall
  NDRCContextMarshall
  CStdStubBuffer_CountRefs
kernel32
  FindResourceA
  EnumResourceNamesA
  VirtualAlloc
  GetACP
  SetStdHandle
  GetModuleHandleA
  GetStartupInfoA
  EnumResourceTypesA
  LockResource
  ExitProcess
Sections
.text Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 400KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rdata Size: 171KB - Virtual size: 170KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.rsrc Size: 10KB - Virtual size: 10KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 592B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE