c29d52751e5c10f5e79c21194b7a8767f25b1e6f553a5985e4b4b973b4b3668d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c29d52751e5c10f5e79c21194b7a8767f25b1e6f553a5985e4b4b973b4b3668d
Size

9.4MB
MD5

4b91f11f87967421cf0541b93bf95db4
SHA1

a114d6d5de4c2612acd15837ce97e639b8307973
SHA256

c29d52751e5c10f5e79c21194b7a8767f25b1e6f553a5985e4b4b973b4b3668d
SHA512

2e439ec1d8f3389f320a7df08988b6230d47337f2e5ba870dde8b51fa45ed40e84e8708512c8e969fd399befab80e5ee50de89e123eb0d54c6655323f3085d93
SSDEEP

196608:G7vrYHKeLFaPVAKZ1qGStPEkUg9pIpgDUwlbSCFFx4Q:O0H3FQVAKZJcsrg92gvbz4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c29d52751e5c10f5e79c21194b7a8767f25b1e6f553a5985e4b4b973b4b3668d

Files

c29d52751e5c10f5e79c21194b7a8767f25b1e6f553a5985e4b4b973b4b3668d
.exe windows x86

7eeb5eeff53257f9022fb5f06f598815

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetDlgItemTextA

gdi32

CreateCompatibleBitmap

msimg32

TransparentBlt

winspool.drv

ClosePrinter

advapi32

RegSetValueA

shell32

DragQueryFileA

shlwapi

PathRemoveExtensionA

uxtheme

DrawThemeText

ole32

OleGetClipboard

oleaut32

LoadRegTypeLi

oledlg

ord9

winmm

PlaySoundA

gdiplus

GdipCreateFromHDC

oleacc

AccessibleObjectFromWindow

imm32

ImmReleaseContext

Sections

.textbss
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9.4MB - Virtual size: 21.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE