d1513d7c4bcf205ed6141c4101a2ed42b6bfc807d5c6d1908cf24978db7db284 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1513d7c4bcf205ed6141c4101a2ed42b6bfc807d5c6d1908cf24978db7db284
Size

3.1MB
MD5

6f3e0bdd3bb6d17f9a5a80600a5723ec
SHA1

0243fc78246e1fd18422f39bcb5869c8c740513b
SHA256

d1513d7c4bcf205ed6141c4101a2ed42b6bfc807d5c6d1908cf24978db7db284
SHA512

8152b859406eeb167a2d363c7c8b160beb53c2bff96d6a49153aa8eb66130f31c89631550aee1ee153587e40f0fb95bcc6c86077455d70009d39377193c655e3
SSDEEP

49152:RwyaGcDoO01m2GWDyjCOp2blVNvZOvS/BDoUOECs4oE8QWE:RxheWOpeBOqeUOzszE8QH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1513d7c4bcf205ed6141c4101a2ed42b6bfc807d5c6d1908cf24978db7db284

Files

d1513d7c4bcf205ed6141c4101a2ed42b6bfc807d5c6d1908cf24978db7db284
.exe windows x86

1ff35a328d6fd3f96dc9348f21ed47c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

PlaySoundW

winspool.drv

DocumentPropertiesW

comdlg32

GetSaveFileNameW

comctl32

ImageList_GetImageInfo

shell32

SHBrowseForFolderW

user32

MoveWindow

version

GetFileVersionInfoSizeW

oleaut32

SafeArrayPutElement

advapi32

CloseServiceHandle

netapi32

NetWkstaGetInfo

msvcrt

strncmp

wintrust

WinVerifyTrust

ole32

IsEqualGUID

gdi32

Pie

Sections

.text
Size: 2.0MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE