e5079d054795774f547e916bd9b2306b75c96524b078a473db7e9f84e43103cd | Triage

Sharing

General

Target

e5079d054795774f547e916bd9b2306b75c96524b078a473db7e9f84e43103cd
Size

1.9MB
MD5

229e11ae24cae77966eae568470ecf3a
SHA1

1e9a28945ef3d1b84136c454785d25ac3c157b3c
SHA256

e5079d054795774f547e916bd9b2306b75c96524b078a473db7e9f84e43103cd
SHA512

b18a0670c16ddb5b559de77195cd9c070d7a905aeac5847b83f95023e9e2e554c42172ae5968fd44c3d6217bd98d5ebf36612bdb417bc099d6df4214eb78b125
SSDEEP

49152:uivUu84rR/G+HgKRfI4RmC7ajw84PHqdzZEhAeIhnq:7vUu1V/G+AcFOwHPI6jIhnq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5079d054795774f547e916bd9b2306b75c96524b078a473db7e9f84e43103cd

Files

e5079d054795774f547e916bd9b2306b75c96524b078a473db7e9f84e43103cd
.exe windows:4 windows x86

0e8a668bdc32a522ef1160989b3e99ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamOut

ws2_32

WSAAsyncSelect

rasapi32

RasHangUpA

user32

SetTimer

gdi32

GetViewportExtEx

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

SHGetSpecialFolderPathA

ole32

OleRun

oleaut32

UnRegisterTypeLi

comctl32

ord17

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

Sections

.text
Size: 1.8MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE