9e284f16ec675451ed59aa0564376f7218b66a276d0b8b238f3e48f3936a7b2f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9e284f16ec675451ed59aa0564376f7218b66a276d0b8b238f3e48f3936a7b2f
Size

340KB
MD5

4a0dcfbd6bf550d4aaf321cfe5569896
SHA1

7de20e21f17657ba06fd150fbfd49e57a44efaa2
SHA256

9e284f16ec675451ed59aa0564376f7218b66a276d0b8b238f3e48f3936a7b2f
SHA512

f43ae9ad0a68226b0530bb1f3911a14bf0d74a9974273a3a04881e6ce18bedbecc0fa0ee8c4bd9b1c5137f96ca66fbb358888686b2391855c2491c0a3008ca99
SSDEEP

6144:Lt1g8llHyocPqliTTocnJwVQf2COifXah7NYR6s1aoJI6sr0P1Kw48tj:h1g4lHkKilJxf2vGqhRKgoJBsrqK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9e284f16ec675451ed59aa0564376f7218b66a276d0b8b238f3e48f3936a7b2f

Files

9e284f16ec675451ed59aa0564376f7218b66a276d0b8b238f3e48f3936a7b2f
.exe windows:4 windows x86

7653ddb7218ff86fdeac07c5a7276a8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoTaskMemAlloc

comctl32

ImageList_SetIconSize

shell32

SHGetPathFromIDListA

comdlg32

ChooseColorA

winmm

timeGetTime

Sections

CODE
Size: 323KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE