4dcd59f5f9b235b1487869001072f68e00e15a4c449336ab06a5e724838ce3f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4dcd59f5f9b235b1487869001072f68e00e15a4c449336ab06a5e724838ce3f2
Size

2.6MB
MD5

f47ca958c703e0904ca5bf785fa7f9e7
SHA1

17184679db1b8acc6266a28d99d75c0c2bf8e094
SHA256

4dcd59f5f9b235b1487869001072f68e00e15a4c449336ab06a5e724838ce3f2
SHA512

63ba9aafe70e4a0ae2889bd5fab32daa4bbd479aef73665e04e9fa36a3e1746242ab18f68c338df85542796e825fbedb430066ff5a1793be47fedc6c63211d23
SSDEEP

49152:QSTMnq4qRGf4TUh+oJ7s4OijQ1DDz6Y35xkbX8eRFm0paW5Tkm8SdBdX1:QSTeyRGf4SBJVJiDJPU8eLmS9qmPl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dcd59f5f9b235b1487869001072f68e00e15a4c449336ab06a5e724838ce3f2

Files

4dcd59f5f9b235b1487869001072f68e00e15a4c449336ab06a5e724838ce3f2
.exe windows x86

f0fcf9c47ef91abe17304edc15067919

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UpdateColors

version

VerQueryValueA

olepro32

OleLoadPicture

ole32

CreateStreamOnHGlobal

comctl32

_TrackMouseEvent

imm32

ImmSetCompositionWindow

shell32

ShellExecuteExA

winspool.drv

SetFormA

comdlg32

PrintDlgA

winmm

sndPlaySoundA

oleacc

LresultFromObject

setupapi

SetupDiDestroyDeviceInfoList

hid

HidD_FlushQueue

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 2.6MB - Virtual size: 9.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE