9b9b3409c74d3c2d46ee475d0c2ddd98fa50e3fae7b89be0706a3538cf6cc278 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b9b3409c74d3c2d46ee475d0c2ddd98fa50e3fae7b89be0706a3538cf6cc278
Size

4.0MB
MD5

1534465616b4131e0da58b7107491832
SHA1

2fbe9bd995f870131af0b8766b6044a150fbd92f
SHA256

9b9b3409c74d3c2d46ee475d0c2ddd98fa50e3fae7b89be0706a3538cf6cc278
SHA512

c8261e4fd32708af7c34f577f130de58ebcceaa4d61cb49c24643b49ae648e42cf7474ecf6a4219dc14311e83f68a53448a7d6a2cb60084632ebc0ffdf5948c3
SSDEEP

98304:eJG17jWPb58r0+SpVokH7+9ZMLvaEKKidm/UuJSp1QVA:eQ12d8vSp+kb+PMjmKjUuJ61Qm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b9b3409c74d3c2d46ee475d0c2ddd98fa50e3fae7b89be0706a3538cf6cc278

Files

9b9b3409c74d3c2d46ee475d0c2ddd98fa50e3fae7b89be0706a3538cf6cc278
.exe windows x86

8f9c2ccb63add0c85fbea1056c8d25b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut

ws2_32

bind

kernel32

GetWindowsDirectoryA

user32

GetWindow

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ImageList_GetImageCount

comdlg32

ChooseColorA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 2.8MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1008KB - Virtual size: 1008KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ