b78025b3317750e164036b4747de6740 | Triage

Sharing

General

Target

b78025b3317750e164036b4747de6740
Size

97KB
MD5

b78025b3317750e164036b4747de6740
SHA1

a85df4fc8da8f153f12a48ac4e75079542b09e62
SHA256

58ecc9e459a091569276b08415df517c58f946b7aeb40f253b27b2df3f663eec
SHA512

a2c9cde4bac1ab8a02ea5605fffe2f8a34cc4cd0a7e70757ab03f3a97cc3e92fd62c6ea8b3b477a1a9119056fe224eb358e9d65dd14b1b862adb26783339628d
SSDEEP

1536:+r3GmO5fDVxNHEGmROGafKKu8LrZ1HdM40i9UKDaK9pd+GuRcSl:+i5PBEIGqK+r/HTuKdLtSl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b78025b3317750e164036b4747de6740

Files

b78025b3317750e164036b4747de6740
.exe windows:4 windows x86 arch:x86

de62969c9693d2b54a476867cac61932

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStdHandle
ReleaseMutex
GetProcessHeap
CreateThread
GetUserDefaultLangID
LoadResource
GlobalFindAtomA
GetConsoleCP
LocalAlloc
GetPriorityClass
TlsGetValue
SetEvent
CompareStringA
VirtualAlloc
LocalHandle
OpenSemaphoreA
GetThreadLocale
GetOEMCP
GetVolumeInformationA
TlsFree

user32

ReleaseDC
GetWindowTextLengthA
GetClassInfoExA
GetDC
DrawTextExA
GetFocus
GetActiveWindow
GetForegroundWindow
ValidateRect
GetWindow
CloseWindow
GetWindowTextA
IsIconic
ShowWindow
InvalidateRect
IsWindowVisible
GetClassNameA
GetSystemMetrics
RegisterClassA

shell32

SHGetFileInfoA
SHChangeNotify
SHGetMalloc
SHGetFolderPathA
SHBrowseForFolderA

userenv

LoadUserProfileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 948KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ