f54199adce915425284b0f76223ff780f0a3b91224acc14d881b9dc4dc7ac436 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f54199adce915425284b0f76223ff780f0a3b91224acc14d881b9dc4dc7ac436
Size

13.9MB
MD5

1481e5ae23d7819b2e87d236d6ba42b8
SHA1

bc370d11f90f0604bd270b210579d4e6370637c2
SHA256

f54199adce915425284b0f76223ff780f0a3b91224acc14d881b9dc4dc7ac436
SHA512

79f83118dc375fa63ee368de76421c50236f1b1fc17765aea34d59f2cc62bb550598af1819ecc60f4f7acfa85f85d4e173aa12372a5e4b725eca93d981d93e77
SSDEEP

393216:IzZBvtTry7wi8k+ogNcGtuHHg6qNUcuJinvOO1iE8R:IzZnrSwG+ofHA6qNbF9zw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f54199adce915425284b0f76223ff780f0a3b91224acc14d881b9dc4dc7ac436

Files

f54199adce915425284b0f76223ff780f0a3b91224acc14d881b9dc4dc7ac436
.exe windows x86

432fc55f13f2f44d1365d832cb8bcac4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasHangUpA

winmm

midiStreamRestart

ws2_32

select

user32

GetClipboardData

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

SHGetSpecialFolderPathA

ole32

CoGetClassObject

oleaut32

SafeArrayAccessData

comctl32

ImageList_Create

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

Sections

.text
Size: 2.5MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 207KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE