da373f36d408f44bd8c877cc730eb10d8e2a946b9cefe6438249c79de75a177a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da373f36d408f44bd8c877cc730eb10d8e2a946b9cefe6438249c79de75a177a
Size

3.0MB
MD5

18884129046a76b6d8228bd5eb7e208f
SHA1

0dac48c964cbec5da7a78b0c5d64dfde0e9d64cb
SHA256

da373f36d408f44bd8c877cc730eb10d8e2a946b9cefe6438249c79de75a177a
SHA512

016dab218eb0f2203bb5183d6961d86fc96be876d07ca6dd22c7975b1503e106fd0a679375f4478c88bc1951544ec272d9f4c228d8415b2ffe235a2e30d9ad7e
SSDEEP

49152:L+M7z0XtoasI+Co1G8AXYKH2PQpfN3lJMIl4nI0y4+NMdRiEuH7czEzNZcHEBxtP:iu0XtNn/+G/H2Yn4I4l+NIR9ubeEkW+O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da373f36d408f44bd8c877cc730eb10d8e2a946b9cefe6438249c79de75a177a

Files

da373f36d408f44bd8c877cc730eb10d8e2a946b9cefe6438249c79de75a177a
.exe windows x86

573f632d8fc14aee509d65f500b36486

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetGetLastErrorA

version

VerQueryValueA

gdi32

UnrealizeObject

msimg32

TransparentBlt

ole32

CoTaskMemFree

comctl32

ImageList_SetIconSize

imm32

ImmGetOpenStatus

winspool.drv

OpenPrinterA

shell32

Shell_NotifyIconA

comdlg32

PageSetupDlgA

oledlg

OleUIObjectPropertiesA

winmm

sndPlaySoundA

wsock32

WSACleanup

winpplb

B_Draw_Box

Sections

CODE
Size: 2.9MB - Virtual size: 21.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE