78fa9c88daf2ec4bdacf0da982a2e4458122a9e30965bed57dcf28557008b6b1N | Triage

Sharing

General

Target

78fa9c88daf2ec4bdacf0da982a2e4458122a9e30965bed57dcf28557008b6b1N
Size

952KB
MD5

d2b0e3e0fbde35b07f181e70e20ed7e0
SHA1

1bb1676761eaddf9066b74e3cecd4f31b171a8d2
SHA256

78fa9c88daf2ec4bdacf0da982a2e4458122a9e30965bed57dcf28557008b6b1
SHA512

16a52fd8b646a6c80271d3d84a49e6586af76ee8a45523680e028057dfc1405fae757bd3dc1e6cdbc2d2b0d20f5e85e7c1a38944c988a1c4bd5474f4562aef50
SSDEEP

12288:YlB+jtbLN4kKF7N7+7B757U7T7c7i7L767Z77H7t7X7R7F7M7d7h7K7p7z7g7D7Q:aoDqE7g0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78fa9c88daf2ec4bdacf0da982a2e4458122a9e30965bed57dcf28557008b6b1N

Files

78fa9c88daf2ec4bdacf0da982a2e4458122a9e30965bed57dcf28557008b6b1N
.exe windows:4 windows x86 arch:x86

af399eb2e84e710e478920914b944b02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleW
GetStartupInfoW
GetCommandLineW
SetCurrentDirectoryW
GetModuleFileNameW
ExitProcess
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
GetLastError
LoadLibraryA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 540KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 388KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ