b4f95df5f24b2b6998d29913718dd4240ec9313180ec53ef280a26d57ce8a00b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4f95df5f24b2b6998d29913718dd4240ec9313180ec53ef280a26d57ce8a00b
Size

15.4MB
MD5

db92e198605e2202897b5bfec4a713a6
SHA1

ccfa25901e7480deb4f93a1461f1aad41391454f
SHA256

b4f95df5f24b2b6998d29913718dd4240ec9313180ec53ef280a26d57ce8a00b
SHA512

ee57f72d03a26dc9e5dce83604ee5cbe74cd20df57a709c521cc133dd33a6fc1b375b38348321c9ae11273e5a04b3c91b1005de8de69616cdab32ab4d438caef
SSDEEP

393216:XP8+NwwByCPm9mf59fjFZslOgeEA9vXNF5U2bNJaR9LdgrL6HfP:mOh+mx9rIlOzJXv5v6R9LiW/P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4f95df5f24b2b6998d29913718dd4240ec9313180ec53ef280a26d57ce8a00b

Files

b4f95df5f24b2b6998d29913718dd4240ec9313180ec53ef280a26d57ce8a00b
.exe windows:4 windows x86

7d27bf45d5687d520f4596e31d7182a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

LoadStringA

gdi32

SetMapMode

winmm

midiStreamRestart

winspool.drv

ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CoTaskMemFree

oleaut32

VariantCopy

comctl32

ImageList_ReplaceIcon

oledlg

ord8

ws2_32

recv

Sections

.text
Size: 4.6MB - Virtual size: 25.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE