6cd167942aeff7d10a29b02db8938511192cbff3323f88813189c3b4971d3b18 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6cd167942aeff7d10a29b02db8938511192cbff3323f88813189c3b4971d3b18
Size

10.9MB
MD5

e18d7972828aa95b67a99317c8ae82f4
SHA1

1014759fe5944d23631975970f754a9edb10704f
SHA256

6cd167942aeff7d10a29b02db8938511192cbff3323f88813189c3b4971d3b18
SHA512

d81c293fb38374d949fe93a5087a9fdddbeaa62b637a42d3f64666422a5bab7107958fa5a8ad181d1631dc5f9148d2fbfbcbd01af6dd4ff28c0216dca3f8ca31
SSDEEP

196608:jpPaI0j0GGXh1toX6qkZ5EkeHaC1h06T9S3QxshY033boETZWIE+jAmlgw17caDA:jpzxGgdotkeHZK6Je/hY0HkEd6mqw1V0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6cd167942aeff7d10a29b02db8938511192cbff3323f88813189c3b4971d3b18

Files

6cd167942aeff7d10a29b02db8938511192cbff3323f88813189c3b4971d3b18
.exe windows x86

432fc55f13f2f44d1365d832cb8bcac4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasHangUpA

winmm

midiStreamRestart

ws2_32

select

user32

GetClipboardData

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

SHGetSpecialFolderPathA

ole32

CoGetClassObject

oleaut32

SafeArrayAccessData

comctl32

ImageList_Create

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

Sections

.text
Size: 4.1MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE