b7e3395e27cbad68d8fad8e83489e7af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7e3395e27cbad68d8fad8e83489e7af
Size

55KB
MD5

b7e3395e27cbad68d8fad8e83489e7af
SHA1

28609d0fa8d047318005cfa898dd12b85046a2cd
SHA256

3e98e5d8a40a51da5890e323da4cff20ab5bf7b1cd9ee9218ab698c2983f193c
SHA512

a52b3d9409610ed55d4f35999bfcfdd9136baa85e195111a550889385f19ec989120ee76f66be2417e7238558a4d978961c741250c2435d4f8a79c77df0cd703
SSDEEP

1536:hbCY0auVI2wxlNNsb5Fr9vHmwgsrB6JGvPlVYkuKW:hbV0Zu2YQ5Fppdra6Py

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7e3395e27cbad68d8fad8e83489e7af

Files

b7e3395e27cbad68d8fad8e83489e7af
.exe windows:4 windows x86 arch:x86

3796fbb110b672267fa87978c12f6bb8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
CreateWaitableTimerA
ExitProcess
ReleaseSemaphore
SetDefaultCommConfigA
SetThreadExecutionState
SetVolumeLabelW
_lopen

advapi32

AllocateLocallyUniqueId
ConvertAccessToSecurityDescriptorW
CryptAcquireContextW
EqualPrefixSid
GetAccessPermissionsForObjectW
GetMultipleTrusteeOperationW
LookupAccountSidW
RegUnLoadKeyA

user32

ChangeClipboardChain
DestroyAcceleratorTable
DrawCaption
EnumClipboardFormats
GetKBCodePage
UnregisterClassA
ValidateRgn

gdi32

CreateDIBPatternBrush
CreateDiscardableBitmap
CreatePolygonRgn
EnumFontsA
GdiFlush
GetCurrentObject
GetKerningPairsW
GetMiterLimit
GetNearestPaletteIndex
GetSystemPaletteEntries
GetTextExtentPoint32A
PlayEnhMetaFile
SetWorldTransform
StartDocW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE