ff971ff0fdcea899fdc671545db6dcce5407f0e9f3359ca5cd694187efa82c66 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff971ff0fdcea899fdc671545db6dcce5407f0e9f3359ca5cd694187efa82c66
Size

553KB
MD5

befd85736664450af73d0586d510b6ff
SHA1

10710b6c18c73b5df6e7099b95d2ce8004eb05a5
SHA256

ff971ff0fdcea899fdc671545db6dcce5407f0e9f3359ca5cd694187efa82c66
SHA512

e122984441583065b2948ae03aa57a9d3d7deaaa86be11a86d4a9d9a06674c3860886c89ffab917643ca858d55b18de1d65dfbf067f7ba05139f640e2cb121a8
SSDEEP

12288:LWYx6cckFR/vc+QrfoPF5aJArIunMb21eKdyhMm6YR:KYx71v+uFUJhpbMeKd4Eg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff971ff0fdcea899fdc671545db6dcce5407f0e9f3359ca5cd694187efa82c66

Files

ff971ff0fdcea899fdc671545db6dcce5407f0e9f3359ca5cd694187efa82c66
.exe windows:4 windows x86

242b3005aed812d3e90bec0b9cb6c002

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamOut

ws2_32

sendto

rasapi32

RasHangUpA

user32

SetMenu

gdi32

LineTo

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

DragQueryFileA

ole32

CoCreateInstance

oleaut32

UnRegisterTypeLi

comctl32

ImageList_GetImageCount

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

Sections

CODE
Size: 527KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE