80986dd5bf863b7e09a8b7ab5d596b0317220e543ef77d91eb9df351e8a3633c | Triage

Sharing

General

Target

80986dd5bf863b7e09a8b7ab5d596b0317220e543ef77d91eb9df351e8a3633c
Size

1.7MB
MD5

0d49e81637d313acf840b0090daa413f
SHA1

edf05a2ac202491493484d9c05a1485e4fc24463
SHA256

80986dd5bf863b7e09a8b7ab5d596b0317220e543ef77d91eb9df351e8a3633c
SHA512

25efb175d72162580db3a20be716b8acfba9eb8ec42a39f3088f8d33d676cdca2d3be372985e37886702d252871c8f09a9fa66cbb229c732321f748631666702
SSDEEP

24576:1B3H3OEBgW+DYnqIwdMnnRYqBpRH7bac7zg940VX8i5nj+L+Z8lCsKa27hD:1B3XXkYFnqczH736R8Aj+or

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
80986dd5bf863b7e09a8b7ab5d596b0317220e543ef77d91eb9df351e8a3633c

Files

80986dd5bf863b7e09a8b7ab5d596b0317220e543ef77d91eb9df351e8a3633c
.exe windows x86

8a17e63009d3a52d2632c7cfd569c91e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSAAsyncSelect

kernel32

SetLastError

user32

IsIconic

gdi32

GetViewportExtEx

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ImageList_GetImageCount

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 616KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ