Static task
static1
Behavioral task
behavioral1
Sample
9a4ae20104216ed56d37339aa8bc34946a056d34a45b6744e936d667a8106fec.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
9a4ae20104216ed56d37339aa8bc34946a056d34a45b6744e936d667a8106fec.exe
Resource
win10v2004-20230703-en
General
-
Target
9a4ae20104216ed56d37339aa8bc34946a056d34a45b6744e936d667a8106fec
-
Size
8.7MB
-
MD5
5e63f1c80f45d80fa7c0b913ca7f6081
-
SHA1
68c2bf74f41e00ccc39b3829a3af9bb8ec6dc5ab
-
SHA256
9a4ae20104216ed56d37339aa8bc34946a056d34a45b6744e936d667a8106fec
-
SHA512
ce67ac594960ca5af9235103ae012e5fb38c271f18b13069fc3af9db75c0dc35925e203626e8eb0853b81885ea6362b02e466c61b7f61ca31ad0cb6d093b792e
-
SSDEEP
196608:crd3kaSEQFT4zvbh4t8TokSPqR+rPmMhg7sX:UfSfl+tM+okOPmb7sX
Malware Config
Signatures
-
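Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. A missing signature is a weak indicator on its own, since many legitimate executables are also unsigned; weigh it together with the other findings in this report.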
resource 9a4ae20104216ed56d37339aa8bc34946a056d34a45b6744e936d667a8106fec
Files
-
9a4ae20104216ed56d37339aa8bc34946a056d34a45b6744e936d667a8106fec.exe windows x86
7d65e1c0a2156348d6597ffb2df4a472
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
CreateDialogIndirectParamA
advapi32
RegDeleteKeyA
ole32
CoLockObjectExternal
oleaut32
SystemTimeToVariantTime
msimg32
AlphaBlend
shlwapi
StrFormatKBSizeA
uxtheme
GetThemePartSize
winmm
PlaySoundA
gdiplus
GdiplusStartup
oleacc
CreateStdAccessibleObject
imm32
ImmReleaseContext
gdi32
SetWindowExtEx
winspool.drv
DocumentPropertiesA
shell32
ShellExecuteA
Sections
.text Size: 8.7MB - Virtual size: 13.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 45KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE