97dfffb79d5fc3a8d35686b4d76b910d7973cbc64a09babf6dbac328d5732197 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97dfffb79d5fc3a8d35686b4d76b910d7973cbc64a09babf6dbac328d5732197
Size

962KB
MD5

e51d8520e4e914b9a4521d1a2ad90440
SHA1

59e6dbc8ecb4a51a977d4bb17dfd2ae5dbb260c7
SHA256

97dfffb79d5fc3a8d35686b4d76b910d7973cbc64a09babf6dbac328d5732197
SHA512

cac3b9381839ed0d30189ba0415bea9b9577f41c300e841394e9183270937a14e9e0e54035369eeedced00e9b34c816b275b35ad10346973cf0f6357f6ab6b6e
SSDEEP

24576:sdTf7mHX5hYjGkMFIddING9WH3yfWj/CYOLQ3u/Eq25zUg:sZfKF7wexCn2u/Eq2r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97dfffb79d5fc3a8d35686b4d76b910d7973cbc64a09babf6dbac328d5732197

Files

97dfffb79d5fc3a8d35686b4d76b910d7973cbc64a09babf6dbac328d5732197
.exe windows x86

1151e4ce5d96664bc18b5f6a382e3238

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

wininet

InternetSetStatusCallbackW

version

VerQueryValueW

setupapi

SetupDiDestroyDeviceInfoList

ddraw

DirectDrawCreateEx

user32

ReuseDDElParam

gdi32

SetRectRgn

msimg32

AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExW

shell32

DragQueryFileW

comctl32

_TrackMouseEvent

shlwapi

PathFileExistsW

ole32

RevokeDragDrop

oleaut32

SysStringLen

winmm

timeGetTime

oleacc

AccessibleObjectFromWindow

imm32

ImmGetOpenStatus

Sections

.text
Size: 837KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE