35269c56c593c92a822cf9bf14a9a3b2c7292c46d19fe380997ea1a6ea7136cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35269c56c593c92a822cf9bf14a9a3b2c7292c46d19fe380997ea1a6ea7136cf
Size

6.0MB
MD5

4c5e8d594d7bfcd2e867637dd5671d20
SHA1

a2f7760fac283d65e3e9f347c394354c91db6025
SHA256

35269c56c593c92a822cf9bf14a9a3b2c7292c46d19fe380997ea1a6ea7136cf
SHA512

55d1a0ea8811b9cc9ff91cfe70cb7f4086ce9154da042f789ebaca767bb05a1a14fca8c93ec6627c6625588d20777555835cd2ec320ec920d01ebaa8090b9576
SSDEEP

196608:zgk/iZeCvMZsSDac/vvqWtywozYB2oCbq:zgk/iK5z/6WL9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35269c56c593c92a822cf9bf14a9a3b2c7292c46d19fe380997ea1a6ea7136cf

Files

35269c56c593c92a822cf9bf14a9a3b2c7292c46d19fe380997ea1a6ea7136cf
.exe windows:4 windows x86

d2f08dd9d496f9c458ce6cfa655a3ef2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA

user32

UnregisterClassA

gdi32

ExtSelectClipRgn

winmm

midiStreamStop

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ord17

ws2_32

closesocket

comdlg32

GetFileTitleA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 5.0MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 972KB - Virtual size: 972KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ