1ed226e34847d9bfef85ade48a33b8944d48dfa1d60a5d37624314e9ab44726f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ed226e34847d9bfef85ade48a33b8944d48dfa1d60a5d37624314e9ab44726f
Size

2.5MB
MD5

56b27d54de17b89e1e607d3b8888a825
SHA1

077542a2d6d5b0e9e13f3bf9f1f109cc225c0e35
SHA256

1ed226e34847d9bfef85ade48a33b8944d48dfa1d60a5d37624314e9ab44726f
SHA512

1eabde682de829d00cc7405295b46ac6b811a2cd12912fb5ebcde96098f5cd7f682b7ad6ef99c2648dc9e15f35a0319f8dfb802626fb4bb33627c62a0516a58c
SSDEEP

49152:bGMEGKcYceDUDyUIxTmmbEObqhB3oE6MsEXEV9EahHSDCBpBH7tbZ:bGMEGK0EximwOb2HsEXcj5HRbZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ed226e34847d9bfef85ade48a33b8944d48dfa1d60a5d37624314e9ab44726f

Files

1ed226e34847d9bfef85ade48a33b8944d48dfa1d60a5d37624314e9ab44726f
.exe windows:4 windows x86

0588d8566c0247a3cb74d141000b8a37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiOutReset

ws2_32

WSACleanup

user32

ScrollWindowEx

gdi32

GetObjectA

winspool.drv

ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CoRevokeClassObject

oleaut32

SafeArrayGetLBound

comctl32

ImageList_Destroy

oledlg

ord8

Sections

.text
Size: 2.4MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE