c78894d47307e7b20c7fdd61c5b61a6e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c78894d47307e7b20c7fdd61c5b61a6e
Size

91KB
MD5

c78894d47307e7b20c7fdd61c5b61a6e
SHA1

9b6e7da6fac5adcb278e2bcb00ea523061d2845c
SHA256

65c372860546c44bd90b9456916897cd2be627a1c591de68ccfeafb08bbe0a3c
SHA512

60aba98cf79bd2fc09bc4d515f4c935911e18dc9c32123c55b9ef48d85742b3766a48b08643e7ca67e300563eaebfe2972aa80ea644ca65df8122c9b0ede8de0
SSDEEP

1536:5Y+ih1a7n1KAMA+wSffBWoKgdSOPDYmLqfPOuAobKhu1wmSa36kZ5qdUq45FSknN:TDLYAYnnBDBdBpLqfPOuhmu1w436kZ5r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c78894d47307e7b20c7fdd61c5b61a6e

Files

c78894d47307e7b20c7fdd61c5b61a6e
.dll windows:4 windows x86 arch:x86

12562e79b34909d089def98d7cff8bbe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowCaret
EndMenu
EndDeferWindowPos
DispatchMessageA
DestroyCursor
CreateMenu
CreateIcon
CloseWindow

kernel32

InterlockedExchange
Sleep
QueryPerformanceCounter
IsValidCodePage
GetOEMCP
GetModuleHandleW
GetFileType
ExitProcess
EnumSystemLocalesA
TlsGetValue

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

comdlg32

GetOpenFileNameW
GetFileTitleW

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ