5d801590dde32ef2ff0ade45fa2da2edd9e5b5e174d9e14085c0f5882972128c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d801590dde32ef2ff0ade45fa2da2edd9e5b5e174d9e14085c0f5882972128c
Size

5.1MB
MD5

f8766e8baa26b9da91fd91cd90a88e0f
SHA1

3e31ed0d1404f49d6a799b635d244911f599d14e
SHA256

5d801590dde32ef2ff0ade45fa2da2edd9e5b5e174d9e14085c0f5882972128c
SHA512

d547b59692a4ceb75bc9f39cf2190656ae02cea96e4e8de95a906852f4a99b77439ed399e2adeaf9e79fb77b152557f26077593c15e3dffb8b7d21f4ac2113ab
SSDEEP

98304:9+rtRgQjVD9JItgG8v3C8KoAMxf78I7sDWfriObujNZRn/oCIw29bqsRSdmyl:9+PgQZD9r/Cto/IosDEuvRnQCI/JqsgL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d801590dde32ef2ff0ade45fa2da2edd9e5b5e174d9e14085c0f5882972128c

Files

5d801590dde32ef2ff0ade45fa2da2edd9e5b5e174d9e14085c0f5882972128c
.exe windows x86

9a3c58592026130c5c65aecfdf9f7e4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamOut

ws2_32

socket

user32

EnumDisplaySettingsA

gdi32

LineTo

winspool.drv

OpenPrinterA

comdlg32

ChooseColorA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

VariantChangeType

comctl32

ImageList_GetImageCount

Sections

.text
Size: 5.1MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE