279b1d703842e04bc8326f7e4ee83a6afe402b99deebbff9b5c27502c4305159 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

279b1d703842e04bc8326f7e4ee83a6afe402b99deebbff9b5c27502c4305159
Size

322KB
MD5

a7260557ef9ea259204c3d0107b4bb05
SHA1

5fc72f6f34f46b47fbd4c755bbdbfb3910c224a2
SHA256

279b1d703842e04bc8326f7e4ee83a6afe402b99deebbff9b5c27502c4305159
SHA512

cb68c34c91e9393276d92c69fdf64a7a157e50f766d9e43416b8581434b4aafbb113996737ab4442e8fea3da6b954d250041151f83e9973ff43fe5ce3681a709
SSDEEP

6144:bM3s8NuPxu6aAbW7EKgDgNIDsbyl+RHL1ncp0wBg8aLkIK9+re481rqlxbhdoN1K:+uu73DygRHJncuwZaxk+rez1rWtuO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
279b1d703842e04bc8326f7e4ee83a6afe402b99deebbff9b5c27502c4305159

Files

279b1d703842e04bc8326f7e4ee83a6afe402b99deebbff9b5c27502c4305159
.exe windows x86

aca35d13adb97d2c480a39887a5f629a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wsock32

gethostbyname

winmm

mixerOpen

version

VerQueryValueA

comctl32

ord6

psapi

GetModuleBaseNameA

wininet

InternetOpenA

user32

GetDC

gdi32

BitBlt

comdlg32

GetSaveFileNameA

advapi32

RegCloseKey

shell32

DragFinish

ole32

CoGetObject

oleaut32

SafeArrayGetLBound

Sections

.MPRESS1
Size: 296KB - Virtual size: 732KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE