Static task
static1
Behavioral task
behavioral1
Sample
26b3fb6d0b7be77b2804144bd70c13a1f889dd635f3ed84bea9afe66b30f4a07.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
26b3fb6d0b7be77b2804144bd70c13a1f889dd635f3ed84bea9afe66b30f4a07.exe
Resource
win10v2004-20230915-en
General
-
Target
26b3fb6d0b7be77b2804144bd70c13a1f889dd635f3ed84bea9afe66b30f4a07
-
Size
13.7MB
-
MD5
fb175f384e2d902b2de666387e33bb6c
-
SHA1
5002b9b7745c095b416c7b55f3ab1f82a3112c71
-
SHA256
26b3fb6d0b7be77b2804144bd70c13a1f889dd635f3ed84bea9afe66b30f4a07
-
SHA512
70e9cefe9294451c6375d5d7dfa893f06f1224762c71b314075275b907effe43a18e26748fbeb81bbb945647dba7ceed614512a88de86e83c9fad1d7a6343c2c
-
SSDEEP
393216:9g3avUDvN0oth7Z7Bfiw3GFD965u7keNHBm6qEwP:tczZ7Z9iRfJtBrw
Malware Config
Signatures
-
Unsigned PE (1 IoC)
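Checks for a missing Authenticode signature: the sample is a PE file that carries none, so its publisher and integrity cannot be verified from the file itself. On its own this is a weak indicator, since many legitimate binaries are also unsigned.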
resource 26b3fb6d0b7be77b2804144bd70c13a1f889dd635f3ed84bea9afe66b30f4a07
Files
-
26b3fb6d0b7be77b2804144bd70c13a1f889dd635f3ed84bea9afe66b30f4a07.exe windows:5 windows x86
c2c88e8a8a00b6fc17d2396ea3068ba5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
TranslateMessage
gdi32
GetEnhMetaFileHeader
advapi32
RegDeleteValueW
shell32
SHGetMalloc
ole32
CoTaskMemRealloc
oleaut32
VariantTimeToSystemTime
comctl32
InitCommonControlsEx
shlwapi
StrPBrkW
wldap32
ord41
ws2_32
ntohs
uxtheme
SetWindowTheme
winmm
timeGetDevCaps
gdiplus
GdipCreateBitmapFromScan0
crypt32
CertDuplicateCertificateContext
Sections
.text Size: 13.7MB - Virtual size: 16.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE