b21dc682cd267068c667eed1f7fcd78bd88b2ebc7278cc3edaedbfb7fadecc04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b21dc682cd267068c667eed1f7fcd78bd88b2ebc7278cc3edaedbfb7fadecc04
Size

586KB
MD5

1504bf4b5643412b0d0f76c3261e2ccd
SHA1

c63185f7a0048655fb08a280040db10bd50adf8a
SHA256

b21dc682cd267068c667eed1f7fcd78bd88b2ebc7278cc3edaedbfb7fadecc04
SHA512

59888e9b28edd3cd565964af855fba6031ca7f672feef3a700fe0d4e4df0c0bf3bb072b948f515240890a0ad247fc3f9315004f4cefdf52c0c1be300583b6a82
SSDEEP

12288:2PmKDEHth25BvD4mrCRDc6As5YI/dW3hw68IaMTEfesGlp+QSzMOZX2pkBZ:2+KQab4mUdfYI/kRd82WzIeX2pk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b21dc682cd267068c667eed1f7fcd78bd88b2ebc7278cc3edaedbfb7fadecc04

Files

b21dc682cd267068c667eed1f7fcd78bd88b2ebc7278cc3edaedbfb7fadecc04
.exe windows x86

1a263e44a30c0d558779a6f05caab7e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

winspool.drv

OpenPrinterA

comdlg32

FindTextA

winmm

mciSendCommandA

oledlg

OleUIObjectPropertiesA

shell32

SHGetMalloc

Sections

CODE
Size: 561KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE