89f5798e1c1c9a847c6160fd8e490fa592ebc0508253a8713d7490cccdddcbd3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89f5798e1c1c9a847c6160fd8e490fa592ebc0508253a8713d7490cccdddcbd3
Size

3.3MB
MD5

cb77257d94f8c07a17ca32659fca3c90
SHA1

e70ad28e6278d8e69ad19805cd672ef7ee48ca96
SHA256

89f5798e1c1c9a847c6160fd8e490fa592ebc0508253a8713d7490cccdddcbd3
SHA512

735e9e94007acb3872ab68d40335af0ce5579e81440a74827b6c5b60d56bd8b64ab52ff2aeb08b0f439ef694b606eef8183e90c6b40642441e5dde4619668e8c
SSDEEP

98304:gTPWK02+N+KtKgLmI86+FXqj+9EHC7PdgVu7qVD+ZPxp:mP7uVhHCSVukDSp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89f5798e1c1c9a847c6160fd8e490fa592ebc0508253a8713d7490cccdddcbd3

Files

89f5798e1c1c9a847c6160fd8e490fa592ebc0508253a8713d7490cccdddcbd3
.exe windows x86

a6c39ea1e771a0880244dc044e984a42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamOut

ws2_32

socket

rasapi32

RasHangUpA

user32

GetKeyState

gdi32

LineTo

msimg32

GradientFill

winspool.drv

DocumentPropertiesA

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoGetClassObject

oleaut32

SysAllocStringLen

comctl32

ImageList_Draw

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

Sections

.text
Size: 2.2MB - Virtual size: 11.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE