fbcdaf9b95b025387d0c7e03c1e18331e5d3316f427fbb23d3d235ae87a1e0d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbcdaf9b95b025387d0c7e03c1e18331e5d3316f427fbb23d3d235ae87a1e0d5
Size

1.1MB
MD5

5407bccc3737ae8b1d2145b53d0715ef
SHA1

af4eb83e35c17ac015d4adc97c761590ef70b356
SHA256

fbcdaf9b95b025387d0c7e03c1e18331e5d3316f427fbb23d3d235ae87a1e0d5
SHA512

17942990f7738a0838693518987cf7f5bb653ac0b2a3484e3a061912e58ed960726e8f7df7f9e35d23c2e9b40780a167a6d665a5d505a84644f4002dc15f6e09
SSDEEP

24576:Nk/T6YRcR8gziTcDDNslJ5uEEQ50PTqmo04X73IhDtt:PYRcRjMRKTQWrqmgL3wH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbcdaf9b95b025387d0c7e03c1e18331e5d3316f427fbb23d3d235ae87a1e0d5

Files

fbcdaf9b95b025387d0c7e03c1e18331e5d3316f427fbb23d3d235ae87a1e0d5
.exe windows x86

3b37a0968a3d633e26c6593d212713d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

msimg32

AlphaBlend

ole32

ReleaseStgMedium

comctl32

ImageList_SetIconSize

imm32

ImmGetVirtualKey

winspool.drv

OpenPrinterA

shell32

ShellExecuteW

comdlg32

PrintDlgA

avifil32

AVISaveOptionsFree

msvfw32

DrawDibRealize

winmm

PlaySoundA

Sections

CODE
Size: 1.0MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE