dbbdbc9afd52d2b5e18e6531d6ec5a300fabe4093fa659742e163a4b4497c5e2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbbdbc9afd52d2b5e18e6531d6ec5a300fabe4093fa659742e163a4b4497c5e2
Size

5.1MB
MD5

858eb74b1cd09762f1fe2e6a89082c21
SHA1

d61d8e0d60d6de737afe7d46c6c69c02a8f78fc9
SHA256

dbbdbc9afd52d2b5e18e6531d6ec5a300fabe4093fa659742e163a4b4497c5e2
SHA512

f7f3f2668db793e133bd9d33176c2131b5f189835d8353e6939b3f74ebf57c8e6823b423666fbf0122ba40b917d9d54248a0232c10e8a5a158429b1b36b0bdb6
SSDEEP

98304:DscALLs45ZACcVc0K9Yz9EF6k72b03Kr8wlFSp+43dkrF03ShL9j3AMG:iLzvZcVsOzKwRA93Y9LlAMG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbbdbc9afd52d2b5e18e6531d6ec5a300fabe4093fa659742e163a4b4497c5e2

Files

dbbdbc9afd52d2b5e18e6531d6ec5a300fabe4093fa659742e163a4b4497c5e2
.exe windows:4 windows x86

c4d1f5a193b3592633b5c924730d7a75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

LoadStringW

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance

gdi32

DeleteObject

comctl32

InitCommonControlsEx

wininet

InternetOpenA

gdiplus

GdipSetClipRegion

atl

ord42

shlwapi

PathRemoveFileSpecW

crypt32

CryptStringToBinaryW

msimg32

AlphaBlend

oleaut32

VariantTimeToSystemTime

Sections

.text
Size: 5.1MB - Virtual size: 10.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE