e936a7ea0a1812aaa5afa20e9a43f5a0e6c044ae13d601047849cad0ef97b00f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e936a7ea0a1812aaa5afa20e9a43f5a0e6c044ae13d601047849cad0ef97b00f
Size

1.3MB
MD5

49c0a186379ad9563ceb60bbb147c8a5
SHA1

3e565f3b575b6908b50144c572f8204cc69cdca5
SHA256

e936a7ea0a1812aaa5afa20e9a43f5a0e6c044ae13d601047849cad0ef97b00f
SHA512

07da910c206ec55db239d36aef89daf0f7054de195e40a789e40c16bcd7cdf0899492c80b0c53a756c6b684de11fc8a331b29a573681b90a9bf4ee3b6b5bb928
SSDEEP

24576:2F64E7nfNy8aEvNOXLGuB0Bg0wBIJoK7570/a59XEh/3jFNz:2y7nfs89VOXCJg0bJ5y/a59X2jFN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e936a7ea0a1812aaa5afa20e9a43f5a0e6c044ae13d601047849cad0ef97b00f

Files

e936a7ea0a1812aaa5afa20e9a43f5a0e6c044ae13d601047849cad0ef97b00f
.exe windows:4 windows x86

668519e0807def90fbbbe54c27add669

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamOut

ws2_32

WSACleanup

user32

DestroyAcceleratorTable

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ord17

comdlg32

ChooseColorA

Sections

.text
Size: 1.3MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE