b786c14e3a383e617feade18dbc7447d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b786c14e3a383e617feade18dbc7447d
Size

395KB
MD5

b786c14e3a383e617feade18dbc7447d
SHA1

4cf156569fb1641041d6b35277a3041d13943c56
SHA256

59f02ac93c8e9d5dfcbc42a4659a53ccd2a786d57eaa5a19110ef462866b6d7d
SHA512

8ab91b890b9f41e49e3a9b288c436bf584eca6fb5ce34d057db0fc7ef86281e16eaef2b6b3b65c290ad50892e24ea6a05742babb607096ccf9982d19fdb69cb3
SSDEEP

6144:ZiWfRJG8KMBU+xo2e+5bYwCOMeruVipEMS1BWKak/wGY4mswgIxhX8784glfk:ooU+xa8bAe6V1RUKakIGEz8Tsfk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b786c14e3a383e617feade18dbc7447d

Files

b786c14e3a383e617feade18dbc7447d
.exe windows:4 windows x86 arch:x86

993f58effaa6f04cab8092153e851b07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
lstrcpyA
ResetEvent
GetCurrentDirectoryA
CreateFileW
CreateThread
LoadLibraryW
GetSystemTime
GetComputerNameA
LocalFree
GetCurrentProcessId
lstrlenA
GlobalUnlock
PulseEvent
Sleep
HeapCreate
CloseHandle
GetCommandLineW
FindClose
UnmapViewOfFile

user32

CallWindowProcA
GetDlgItem
DrawMenuBar
GetDC
GetCaretPos
SetFocus
DrawEdge
CreateIcon
IsWindow
CheckRadioButton
FillRect
DispatchMessageA
CreateWindowExA

cryptui

LocalEnroll
WizardFree
CryptUIDlgCertMgr
CryptUIDlgSelectCA
CryptUIDlgSelectStoreA

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 371KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ