57001a808e262c291e1cafb3a655fa25e831e3831537969746ccb6c3085b3d08 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

57001a808e262c291e1cafb3a655fa25e831e3831537969746ccb6c3085b3d08
Size

1.7MB
MD5

cd9b5b002ab2394c56105cc19199be0a
SHA1

b3db03074fdd4f817551ddbdc5bb256949e2d13b
SHA256

57001a808e262c291e1cafb3a655fa25e831e3831537969746ccb6c3085b3d08
SHA512

d7d21d8f8213e864ff371de48264a2e9004481af1c45999a62677717d5f5730a365fe8da3bb964ce54555edf7f3b2fa4869d5c5cbb77699c47a275ac5444ba42
SSDEEP

49152:71yITnwKr/d6IUneJLM+BuA1WftDC7/2tzlQSIOc1sM:7oMwUUIM+B0ts/SCpzsM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57001a808e262c291e1cafb3a655fa25e831e3831537969746ccb6c3085b3d08

Files

57001a808e262c291e1cafb3a655fa25e831e3831537969746ccb6c3085b3d08
.exe windows:4 windows x86

54f98cd45f7923d2d62c8016ba4c1970

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockFile

user32

GetScrollPos

gdi32

CreatePalette

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

socket

comdlg32

GetFileTitleA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 784KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 968KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ