Static task: static1
Behavioral task: behavioral1
  Sample: 328b2ae13f1fd8fd56a754711176a533a94a4241023cdfdc4776d3f647cbc64a.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 328b2ae13f1fd8fd56a754711176a533a94a4241023cdfdc4776d3f647cbc64a.exe
  Resource: win10v2004-20230220-en
General
Target: 328b2ae13f1fd8fd56a754711176a533a94a4241023cdfdc4776d3f647cbc64a
Size: 1.4MB
MD5: 2df111aa70aadf9353206676006b7fa9
SHA1: d8edf43bb5ddb8227008f9a6969b0eaf1dc047a6
SHA256: 328b2ae13f1fd8fd56a754711176a533a94a4241023cdfdc4776d3f647cbc64a
SHA512: bfd661ac9c1e1d5902bbc500b071842379121f1cbdaeefc05122d63c58bb19ea2fe4ce80d9086f8ee0434c6ac491a7fe833dabdfc0bd4df3be572ef86f1adabd
SSDEEP: 24576:waI8psIn/MMuiHOBrAodqzQoVLSFao3j7aLgzcwD2KtLrNQUV1Tw:waIEsMlzBQooFaijZDjrNXV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 328b2ae13f1fd8fd56a754711176a533a94a4241023cdfdc4776d3f647cbc64a
Files
328b2ae13f1fd8fd56a754711176a533a94a4241023cdfdc4776d3f647cbc64a.exe windows x86
9f2fd7c946046bfd2f071b649d545446
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
oleaut32: SysFreeString
advapi32: RegQueryValueExA
user32: GetKeyboardType
opengl32: wglMakeCurrent
gdi32: UnrealizeObject
version: VerQueryValueA
mpr: WNetGetConnectionA
ole32: CreateStreamOnHGlobal
comctl32: _TrackMouseEvent
urlmon: CoInternetCreateZoneManager
wininet: InternetCheckConnectionA
shell32: Shell_NotifyIconA
winspool.drv: OpenPrinterA
comdlg32: GetSaveFileNameA
oleacc: LresultFromObject
winmm: sndPlaySoundA
wsock32: WSACleanup
glu32: gluSphere
Sections
.text (Size: 1.4MB, Virtual size: 4.8MB)
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc (Size: 49KB, Virtual size: 52KB)
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE