601ea57991f45ee2c83b144c4550d49d17957abd2e0ae0b50fb35a92a942e417 | Triage

Sharing

General

Target

601ea57991f45ee2c83b144c4550d49d17957abd2e0ae0b50fb35a92a942e417
Size

1.9MB
MD5

dbe027e10c6452bda90427d389be8dd5
SHA1

faa3821af4a7bb0089452fc4018055cc2916261c
SHA256

601ea57991f45ee2c83b144c4550d49d17957abd2e0ae0b50fb35a92a942e417
SHA512

c639f3513999bce3f3d361890d167f07856632726dc57f10b6493dea56762b646b16d0b01366f6086b7198023a695a307fde22fc8cf8f49fb77c8df5612670df
SSDEEP

49152:OCITT2qH7ZNFg79w9DcRKY5pHD+VwPs/f+Xxx4KarOCGBXq44eo:OfTTtZXg7ocR9pO2Xxx4SF4eo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
601ea57991f45ee2c83b144c4550d49d17957abd2e0ae0b50fb35a92a942e417

Files

601ea57991f45ee2c83b144c4550d49d17957abd2e0ae0b50fb35a92a942e417
.exe windows x86

17cb2cdbeafd00f81ded9f190e88af79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

MultiByteToWideChar

user32

DestroyAcceleratorTable

gdi32

GetViewportExtEx

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ord17

comdlg32

ChooseFontA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 836KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 996KB - Virtual size: 996KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ