786148f664d332cde4353ad6cf6a26d97c5eabbbca863e01a085382f7c9e0212 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

786148f664d332cde4353ad6cf6a26d97c5eabbbca863e01a085382f7c9e0212
Size

13.5MB
MD5

3ca7b9cdb2879a8aa3c9944da1065ffa
SHA1

d18a3bcacbbfba2cfa99a84524c7ef73df3f074f
SHA256

786148f664d332cde4353ad6cf6a26d97c5eabbbca863e01a085382f7c9e0212
SHA512

173afa1e7a37f35db0627c1daf3e33c7e7c5982775cfa91593d677c82deb53185c5c7564f6665a7b4613f922732af6ba470baaaf27b9a845413a459dd7595fdb
SSDEEP

393216:wPN9q9Pfnp+CxNdEbn8U2r60WGmNFn/F1Nyzp3/hb:O9C+bn8U26Gat+zp3B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
786148f664d332cde4353ad6cf6a26d97c5eabbbca863e01a085382f7c9e0212

Files

786148f664d332cde4353ad6cf6a26d97c5eabbbca863e01a085382f7c9e0212
.exe windows x86

29264dc7f280213ceff9dfa9ab6ee25a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

user32

GetSysColorBrush

gdi32

SaveDC

winmm

midiStreamRestart

winspool.drv

ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CoTaskMemFree

oleaut32

VariantCopy

comctl32

ImageList_ReplaceIcon

oledlg

ord8

ws2_32

recv

Sections

.text
Size: 4.2MB - Virtual size: 25.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE