d88754908a59b77abca046e59c3f344b7fb5b21e6a65a04f4ba69a2563d74c88 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d88754908a59b77abca046e59c3f344b7fb5b21e6a65a04f4ba69a2563d74c88
Size

1.4MB
MD5

9f0f7c58001c2ded0ef1fb8625a7f39f
SHA1

96068744bfbcd55a70ea357e216fe463f9e644c7
SHA256

d88754908a59b77abca046e59c3f344b7fb5b21e6a65a04f4ba69a2563d74c88
SHA512

fd7dcc07e57f6af030a1a137fee626a0e31d4ba6ec45eb3b4f8105e451ac0bea5d1e1b3755a032895ce3c708224bbc7e6f95216a489cb1d8ba223dca2213df1f
SSDEEP

24576:WeQbbULW/3L5W7137qR+B6moMbWUHGK5rKTpCUE/q+f5GjOCFp3byvd834IO65Mq:7QnEkqW66WHGu2dHE9YOWyV8nR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d88754908a59b77abca046e59c3f344b7fb5b21e6a65a04f4ba69a2563d74c88

Files

d88754908a59b77abca046e59c3f344b7fb5b21e6a65a04f4ba69a2563d74c88
.exe windows x86

dc6f6cf6f243f39589ba7085c299c229

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess

user32

LoadIconA

gdi32

ExtTextOutA

winmm

waveOutUnprepareHeader

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantClear

comctl32

ord17

ws2_32

inet_ntoa

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 460KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 976KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ