b135c4dab0a56533bd347cd31f23884731d3f9a79b8216b9c1e365a9ad8f2e50 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b135c4dab0a56533bd347cd31f23884731d3f9a79b8216b9c1e365a9ad8f2e50
Size

3.5MB
MD5

af49118d92be1d2ef8a2de62de312033
SHA1

19f8f525fbc84227a5ce906b14805650d6c64a48
SHA256

b135c4dab0a56533bd347cd31f23884731d3f9a79b8216b9c1e365a9ad8f2e50
SHA512

a648ad4289fc5e4a7fe89f8244c4f38a5ff418f8ce0558af22aab27621ebd9412898bba9fe1b3c5d1735a1b6ae6a340252d13e1a8a57744293fca509273bab84
SSDEEP

49152:9NrYtbAbbc0CGVHCcOxqoppLXCIYrKMtlBdukXK6f/8LYFlNKVZlWcjsKomm5Z/X:9rbc0dxOfbCIYflBduQn8Wjmmv/oC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b135c4dab0a56533bd347cd31f23884731d3f9a79b8216b9c1e365a9ad8f2e50

Files

b135c4dab0a56533bd347cd31f23884731d3f9a79b8216b9c1e365a9ad8f2e50
.exe windows:5 windows x86

f427ec01d51b9c584dcb332a494f35bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueW

mpr

WNetGetConnectionA

ole32

CreateStreamOnHGlobal

comctl32

_TrackMouseEvent

shell32

ShellExecuteA

comdlg32

GetOpenFileNameA

wsock32

WSACleanup

gdiplus

GdipSetStringFormatLineAlign

Sections

.text
Size: 2.7MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE