6fb25dc2ab1d6a4bb4c245381d77d3d23a4b9020adda3cb47d3304aae65603b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fb25dc2ab1d6a4bb4c245381d77d3d23a4b9020adda3cb47d3304aae65603b7
Size

866KB
MD5

efd466a1232f9368365baf15b1182d4b
SHA1

1e89d1182649f85ffdc715df78e6e8a138fcd160
SHA256

6fb25dc2ab1d6a4bb4c245381d77d3d23a4b9020adda3cb47d3304aae65603b7
SHA512

61555dd24e268b1687ed2adcc2b6736fd21f0cd3cf946134a09a4eefc69ee29d83ce3cb05222fafa371513c1d8c47e84e1da7cc29e96522a28db300192ab1395
SSDEEP

24576:H+KmAZ6rTytzPl1IeSEvjXV5/Br2Y7wcGe:NNZQEPvxS4VN7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fb25dc2ab1d6a4bb4c245381d77d3d23a4b9020adda3cb47d3304aae65603b7

Files

6fb25dc2ab1d6a4bb4c245381d77d3d23a4b9020adda3cb47d3304aae65603b7
.dll windows:4 windows x86

55bed5ac85b72390d33be5269e4d213a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamClose

ws2_32

gethostbyname

user32

GetSysColorBrush

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

comdlg32

ChooseColorA

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

SafeArrayUnaccessData

comctl32

ImageList_Destroy

Exports

Exports

CSHTGP
TGPCSH
TGPcaome
TGPcaomeA
TGPcaomeKey
��¼�

Sections

.text
Size: 854KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE