a76b911c1feeccba6c85aecd79872a94c96ffdb836d73a0eb0a84401bd4972f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a76b911c1feeccba6c85aecd79872a94c96ffdb836d73a0eb0a84401bd4972f5
Size

9.0MB
MD5

696fabb45610e9bae7ab6ac16c0257b8
SHA1

1537f445a34bec060f0cac9e8ef6e6542fe45889
SHA256

a76b911c1feeccba6c85aecd79872a94c96ffdb836d73a0eb0a84401bd4972f5
SHA512

9490c3f26c3701a1ab88796878416b859caf3087837ee8830beeae08a1f06ce49ccb18939d4b1bdc68e0ed73edd8bbec99d0a414ed83bdf3013d5140e6fd8121
SSDEEP

196608:C8CWdWEcSpkuQtKYprI/mCmgIl0DQaKhy/Kr1zrEmpDEZzCOvPLsir:C9InkbtKpAP+teb1zrEmmos

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a76b911c1feeccba6c85aecd79872a94c96ffdb836d73a0eb0a84401bd4972f5

Files

a76b911c1feeccba6c85aecd79872a94c96ffdb836d73a0eb0a84401bd4972f5
.exe windows x86

17bf675c29b8c3d41e1510214131ac26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

HideCaret

advapi32

RegOpenKeyExA

ole32

OleCreateMenuDescriptor

oleaut32

VariantClear

msimg32

TransparentBlt

comctl32

ImageList_GetIconSize

shlwapi

PathFindExtensionA

winmm

PlaySoundA

gdiplus

GdipGetImageWidth

oleacc

CreateStdAccessibleObject

imm32

ImmReleaseContext

gdi32

CreateRectRgnIndirect

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

shell32

SHGetFileInfoA

Sections

.text
Size: 8.9MB - Virtual size: 10.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE