f685557b3477634d793af0add4786df9114cbdf72aee399755e5e48afbc1840b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f685557b3477634d793af0add4786df9114cbdf72aee399755e5e48afbc1840b
Size

1017KB
MD5

4756e4198e668a0018c20f40d1c6e765
SHA1

4dbe860d651d28d1bfe05bc31988b10f3bcc53b7
SHA256

f685557b3477634d793af0add4786df9114cbdf72aee399755e5e48afbc1840b
SHA512

27e929c3232ed15a6a1b1a61e5a38ae3c9e8a0dd93445fc3f1e31822679079328faa59ec9a737de42890cbed498d7efe28559ee3be2f3c17bc507cfe009e948b
SSDEEP

12288:QduZT5KX4dZM3Em2uUxxtuOVjCmIV4vhxpxZper9MO1GXO9ogc07jRHZ3RhJ0pV/:yw1o4dqDItn2m5vlaiOc/f0vRHZ50pV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f685557b3477634d793af0add4786df9114cbdf72aee399755e5e48afbc1840b

Files

f685557b3477634d793af0add4786df9114cbdf72aee399755e5e48afbc1840b
.exe windows x86

137502e6ee460d28a90d85262621e376

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

dinput8

DirectInput8Create

ddraw

DirectDrawCreateEx

dsound

ord11

avifil32

AVIFileRelease

winmm

waveInClose

opengl32

wglMakeCurrent

user32

SetCapture

gdi32

GetTextExtentPoint32A

shell32

DragQueryFileA

comdlg32

GetSaveFileNameA

shlwapi

SHDeleteKeyA

advapi32

RegCloseKey

oleaut32

SysFreeString

msvcp100

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

msvcr100

_exit

Sections

.text
Size: 727KB - Virtual size: 96.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE