76cf544349c4d0d62a70dadc232db5cc83b76b91ba2d83397397065d3493f421[.]exe | Triage

Sharing

General

Target

76cf544349c4d0d62a70dadc232db5cc83b76b91ba2d83397397065d3493f421.exe
Size

512KB
MD5

ac2cec3f240393f9015b7c6754bdef59
SHA1

36c5790aae838a0fc04f81da8c364bdb04208707
SHA256

76cf544349c4d0d62a70dadc232db5cc83b76b91ba2d83397397065d3493f421
SHA512

3447a336e0b2e8206e77d874abc9b0c2d01c5ea87172b25b707d90a9d1837b903a69deaf09879278156d03852b35a57613b248b84ff9700c9b53f49af091942a
SSDEEP

6144:bHEeraRbpt5e3JVAfqX+2Rr+nxQDBO03yDLC:rEk6z5mvAfLf0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
76cf544349c4d0d62a70dadc232db5cc83b76b91ba2d83397397065d3493f421.exe

Files

76cf544349c4d0d62a70dadc232db5cc83b76b91ba2d83397397065d3493f421.exe
.dll windows:4 windows x86 arch:x86

8c16889b59618babb992fc78c46dc389

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
lstrcmpA
SetWaitableTimer
LZCloseFile
EncodePointer
GetProfileSectionA

msimg32

DllInitialize
AlphaBlend

gdi32

EngLineTo
DeviceCapabilitiesExA
BRUSHOBJ_hGetColorTransform
EndDoc
StartDocW
GetBkColor

user32

MoveWindow
LoadMenuA
ExitWindowsEx
CallMsgFilterA
IsCharAlphaW
DrawMenuBar
UserHandleGrantAccess

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ