378ed921c71dd46dc1c77981fc1efe50d89ad9bff9bebc7bcfc70251ab8edfff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

378ed921c71dd46dc1c77981fc1efe50d89ad9bff9bebc7bcfc70251ab8edfff
Size

114KB
MD5

15b44d13fd4ed8f34e90bbfa3d2112c8
SHA1

066a23cbf413ff59619440fdb40cda888ff4793f
SHA256

378ed921c71dd46dc1c77981fc1efe50d89ad9bff9bebc7bcfc70251ab8edfff
SHA512

f81a16bb159c85a8e7258b145513819c107ab6123b1723bc980dda7a209210363bd09c81e2cc7e8aa1554c512f5cafa1bc5e9ab4d430500738789d3edf5de02d
SSDEEP

768:BFwNu3M/Ee2uQNDMpKPJ5D7DoFSIkT6S9:/wM3fegDQqJ58AT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
378ed921c71dd46dc1c77981fc1efe50d89ad9bff9bebc7bcfc70251ab8edfff

Files

378ed921c71dd46dc1c77981fc1efe50d89ad9bff9bebc7bcfc70251ab8edfff
.exe windows:6 windows x86

66487d0dee9bb1d0a503f5b3b621254b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

bass_vst

BASS_VST_GetInfo

bass

BASS_Init

user32

LoadIconW

advapi32

GetUserNameA

shell32

SHGetKnownFolderPath

msvcp140d

??1_Lockit@std@@QAE@XZ

vcruntime140d

memset

ucrtbased

exit

Sections

.MPRESS1
Size: 18KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE