d77a2f779eea880956edfc7f7f7becf3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d77a2f779eea880956edfc7f7f7becf3
Size

763KB
MD5

d77a2f779eea880956edfc7f7f7becf3
SHA1

d22603eda0cd89f2b4f4e96ddb76c42147ce643d
SHA256

3e9b20242a6ce97bb17c75188ea454f92e0ec6a508102b8627c8269787dea041
SHA512

8232a24a299fe1afe0ddf34963c2e7c965ad28434d8f18aaae3444fe2736f9d794f4f8557dfd859846679e7d888d17202d30aa8b5c159313ce5398c2f41c78ce
SSDEEP

12288:7GqRxvutZIj61HMZhhrRcliycJgJzuBLCBt/wad/tV62SI/l2VmMP6nHqDj9f7ea:lTv6R1yvnnJgJyB2/w4D/ymHnKDj9fK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d77a2f779eea880956edfc7f7f7becf3

Files

d77a2f779eea880956edfc7f7f7becf3
.exe windows:4 windows x86 arch:x86

dc81387ab3ee1dcdcf34bad8d3d7c2ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

SHGetSpecialFolderLocation

comdlg32

GetOpenFileNameA

Sections

CODE
Size: 744KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE