1117a2ef7424ad4e5d61cca6e7ab83bfab889cfb76f0ae03d3941c6508a544b5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1117a2ef7424ad4e5d61cca6e7ab83bfab889cfb76f0ae03d3941c6508a544b5
Size

1.9MB
MD5

87bf7fd3551296fb510a3f7162fb41b0
SHA1

2864f01d7e52718528c94a8fc888d68329a4cafb
SHA256

1117a2ef7424ad4e5d61cca6e7ab83bfab889cfb76f0ae03d3941c6508a544b5
SHA512

794f5be0daf6b481636178a7391e930a7ede33bf5e395621b9f16c59f19da74453ac3ec5135b59a767e71ec9f230b873686dbc25e9b1dfb5c81fdd34ed25be32
SSDEEP

49152:Jw8KKwDEzEV1ww7hCJuIZvrJa/anupsD8r18RWr5TO61Q:Jw8MDDTweCJlZcaCSy4uf1Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1117a2ef7424ad4e5d61cca6e7ab83bfab889cfb76f0ae03d3941c6508a544b5

Files

1117a2ef7424ad4e5d61cca6e7ab83bfab889cfb76f0ae03d3941c6508a544b5
.exe windows:4 windows x86

81b20f9e4aabcca07c98e85a7c246cb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep

user32

OpenClipboard

gdi32

ScaleWindowExtEx

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Read

ws2_32

getpeername

comdlg32

GetSaveFileNameA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 928KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 984KB - Virtual size: 984KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ