9326ea6e2451888b01bb2ed61bae5f7c[.]exe | Triage

Sharing

General

Target

9326ea6e2451888b01bb2ed61bae5f7c.exe
Size

3.8MB
MD5

9326ea6e2451888b01bb2ed61bae5f7c
SHA1

8ea5cfa866eb0ab82cd341ac3ed1c381ec13109f
SHA256

a6876fe9efa8a8cfd87c09e52bee9e313aa6285d79060fe8efec3f7b82438f08
SHA512

24da88e56095406bfe8107407edab2d33db89f6f2e2bbc3d944f05f5093409c222f2b90f90428e56cf4afc2510e522dcae1b13be5164f630e2859a1df02c8282
SSDEEP

98304:4uW2HbA6WrHDvQZfuMquT8xYxliMdQjIypljr+iX3oNT:vW2H8ZjcllqgB9ijIUl3JMT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9326ea6e2451888b01bb2ed61bae5f7c.exe

Files

9326ea6e2451888b01bb2ed61bae5f7c.exe
.exe windows x86

a18c466a89c034cf01801b0439542035

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueA

mpr

WNetGetConnectionA

ole32

CreateStreamOnHGlobal

comctl32

_TrackMouseEvent

shell32

ShellExecuteA

comdlg32

GetOpenFileNameA

wsock32

WSACleanup

gdiplus

GdipSetStringFormatLineAlign

Sections

.text
Size: 2.7MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE