a6bc4f6bf58c2e6eb55a4c1f6e0d4725b8639611bab37606177b2e71175662e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6bc4f6bf58c2e6eb55a4c1f6e0d4725b8639611bab37606177b2e71175662e1
Size

1.3MB
MD5

2a573c69f062a6f6ed9dec00fd0e6664
SHA1

7825b7657babe71434eeb4531a39b9d3ba3ceae8
SHA256

a6bc4f6bf58c2e6eb55a4c1f6e0d4725b8639611bab37606177b2e71175662e1
SHA512

8fe82781611323a7bae713ce0fe185d67fae13714a0e0a5f5ad0260c71d6ebb92aaf04af1239830c417182e8228fbe905f7252a3b17595069941a2125ab799a1
SSDEEP

24576:znsKHtoASZ38AViBy2Wk3dPbjLPfjim0MEW1oe3Pj6K:rrNvAiA2DLPbSWbv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6bc4f6bf58c2e6eb55a4c1f6e0d4725b8639611bab37606177b2e71175662e1

Files

a6bc4f6bf58c2e6eb55a4c1f6e0d4725b8639611bab37606177b2e71175662e1
.exe windows x86

0c0ffa9c5c2772462c8f02fa8b4b9a80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA

user32

GetForegroundWindow

gdi32

GetTextMetricsA

winmm

midiOutReset

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

OleUninitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

comdlg32

GetFileTitleA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 364KB - Virtual size: 764KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 976KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ