Static task: static1
Behavioral task: behavioral1
Sample: 124da9d42a4de1ab000ca7fb153b384723d36680c617f27f928c1987de3b301e.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 124da9d42a4de1ab000ca7fb153b384723d36680c617f27f928c1987de3b301e.exe
Resource: win10v2004-20230220-en
General
Target: 124da9d42a4de1ab000ca7fb153b384723d36680c617f27f928c1987de3b301e
Size: 4.2MB
MD5: 89d040deb265afa0fbd5bd8002924fc4
SHA1: 0fa3b62cf5173ee63d6226906176498665a1aab3
SHA256: 124da9d42a4de1ab000ca7fb153b384723d36680c617f27f928c1987de3b301e
SHA512: dd39d538ff9dddec06cf0d775da2320366fd202dbcca1ff738c80f9e25d80c6cbfa77d5c071d1c055f399e95bcb33e853bea8dcc9c52a2bdfee921eae12d17e1
SSDEEP: 98304:t/CKM9U2Mk0HM65cCW1K3JPVdHLx6oMAx40I5I+Ak/lzm:NHM9BMk0D2KLRxhO0It/4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 124da9d42a4de1ab000ca7fb153b384723d36680c617f27f928c1987de3b301e
Files
124da9d42a4de1ab000ca7fb153b384723d36680c617f27f928c1987de3b301e.exe windows x86
e813c0d97b234c5ff0d2655a6651c575
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
user32: GetKeyboardType
advapi32: RegQueryValueExA
oleaut32: SysFreeString
mpr: WNetGetConnectionA
version: VerQueryValueA
gdi32: UnrealizeObject
ole32: IsEqualGUID
comctl32: InitializeFlatSB
imm32: ImmSetCompositionWindow
winspool.drv: OpenPrinterA
shell32: Shell_NotifyIconA
wininet: HttpSendRequestExA
urlmon: URLDownloadToFileA
comdlg32: PageSetupDlgA
wsock32: WSACleanup
iphlpapi: GetAdaptersInfo
oledlg: OleUIObjectPropertiesA
avicap32: capCreateCaptureWindowA
winmm: sndPlaySoundA
Sections
CODE Size: 4.1MB - Virtual size: 31.4MB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 91KB - Virtual size: 92KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE