c766e9015a1dcef1c421a67b7d0c1914 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c766e9015a1dcef1c421a67b7d0c1914
Size

244KB
MD5

c766e9015a1dcef1c421a67b7d0c1914
SHA1

efecb9998a5727e753579a22d9d6969743d36db3
SHA256

d3a3a4198f9d38167f12252fd754bc23145c265196e76f50276bec3924b6ed25
SHA512

c984b39d2c3c26662fb37cb6aa7233c10c61976373227a5e03046f7b5bdd6e0461ff51b815b0b9bd2084008fd65e022b91eb6523d47c7ab83ac8b0e2a0bc8225
SSDEEP

6144:PdUV65Id2L0wHcIwXhv+EhlK7Q5qux9BJiRS:PyV6asQw8ph2EhlPZ9qS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c766e9015a1dcef1c421a67b7d0c1914

Files

c766e9015a1dcef1c421a67b7d0c1914
.exe windows:4 windows x86 arch:x86

9516921bb6f520467433ef60d320c071

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetStartupInfoA
GetSystemDefaultLangID
FreeLibrary
GetLogicalDrives
GetCommandLineA
GetCurrentThread
lstrcatA
TlsFree
TlsGetValue
GetModuleFileNameA
TlsSetValue
GetModuleHandleA
Sleep
GetCurrentProcess
VirtualAlloc
GetDriveTypeA
GetCurrentProcessId
GetCurrentThreadId
TlsAlloc
GetACP

user32

GetWindowDC
GetActiveWindow
BeginPaint
ReleaseDC
GetFocus
UpdateWindow
GetWindowTextA
GetWindow
GetWindowTextLengthA
RegisterClassA
GetDC
GetClassLongA
GetWindowLongA
ShowWindow
GetSystemMetrics
IsWindowVisible
CreateWindowExA
GetForegroundWindow
OpenIcon

advapi32

GetUserNameA
RegQueryValueExA
IsTextUnicode
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA

version

GetFileVersionInfoA
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ