ae9b9b49c86b161578ce11a08ad9d7ce711cc288e2acd642bf7820b7e35157c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae9b9b49c86b161578ce11a08ad9d7ce711cc288e2acd642bf7820b7e35157c9
Size

4.0MB
MD5

144c70465b43864c2a64731df5997d91
SHA1

82a4fe42dc9b1571b89a4670782ecd3df59139b6
SHA256

ae9b9b49c86b161578ce11a08ad9d7ce711cc288e2acd642bf7820b7e35157c9
SHA512

b65bb1c5ed746070af351ee3610de67d7024952213538da0037b2f9ea5bfde4d2da1266a5f88db4b51ba43651f3ceab96a0e938e9b198abf4a0dcc1cb00657b5
SSDEEP

98304:pLr+7xW1I4bwd1J4mcTOPKHwSXFkIud/i4SAVi:p3+4qfB1SHwaFkDd/50

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae9b9b49c86b161578ce11a08ad9d7ce711cc288e2acd642bf7820b7e35157c9

Files

ae9b9b49c86b161578ce11a08ad9d7ce711cc288e2acd642bf7820b7e35157c9
.exe windows x86

8f9c2ccb63add0c85fbea1056c8d25b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut

ws2_32

bind

kernel32

GetWindowsDirectoryA

user32

GetWindow

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ImageList_GetImageCount

comdlg32

ChooseColorA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 2.8MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ