b854d5a771cddc8ac0a7c15d7cdc179850e004b3477c3f89b9ed86dab7261ff9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b854d5a771cddc8ac0a7c15d7cdc179850e004b3477c3f89b9ed86dab7261ff9
Size

1.1MB
MD5

98c22b16f480e21990fd03869ff91522
SHA1

a8d581f0f7008e3ee23040fc15dad8cc01447ac9
SHA256

b854d5a771cddc8ac0a7c15d7cdc179850e004b3477c3f89b9ed86dab7261ff9
SHA512

cd71bb07728790469d0514a6fc8e83324460e5efbe64c476b232ade3089c079c6e51f4bbcdf973fa163ba86367cdce6f6bccb6cf67b2e4fad762171071a2aca6
SSDEEP

24576:wC+Gs9TrYCE7ODDe8mYMQKrQKTaO3VMZn7UWtJNOq4rxok+I:S79nlUOne8jMcK+0S7Ucbt4rx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b854d5a771cddc8ac0a7c15d7cdc179850e004b3477c3f89b9ed86dab7261ff9

Files

b854d5a771cddc8ac0a7c15d7cdc179850e004b3477c3f89b9ed86dab7261ff9
.exe windows x86

854a5fd576cd92af5c2703e2309ff800

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasHangUpA

user32

GetCursorPos

gdi32

GetSystemPaletteEntries

winmm

waveOutRestart

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ord17

ws2_32

WSAAsyncSelect

wininet

HttpSendRequestA

comdlg32

ChooseColorA

Sections

.text
Size: 1.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE