796c4822bd682ba64f9cc3a8b8f03db4a6818ac06098683bc1788bac13733380 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

796c4822bd682ba64f9cc3a8b8f03db4a6818ac06098683bc1788bac13733380
Size

3.8MB
MD5

bcba7689c489ca2de3c9406311e5ae94
SHA1

0892a117624915bde0883f30c1dc9cb04b95b135
SHA256

796c4822bd682ba64f9cc3a8b8f03db4a6818ac06098683bc1788bac13733380
SHA512

e3ff46d7da3daae160b3763e7842d1e59c9739fbe37878247ac3fb7398defc0b46207821fdb575245cdf6d980bcfa3cef5cbfaa7443230c6687941980670b936
SSDEEP

49152:a8KfO2M6NzR86JkcNKeUDgM5jfcGX8MsLq9x0DPSg/XDATp+SM9DZqcuv:yBJDwgM5jfcGXYLqkDPFK49DT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
796c4822bd682ba64f9cc3a8b8f03db4a6818ac06098683bc1788bac13733380

Files

796c4822bd682ba64f9cc3a8b8f03db4a6818ac06098683bc1788bac13733380
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.0MB - Virtual size: 10.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kkhxelgx
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bjaszxue
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE