Static task
static1
Behavioral task
behavioral1
Sample
dd330eb9298028fe7f700b6e5ce82d21a67484a18ef3df8f950a901ae75c94a7.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
dd330eb9298028fe7f700b6e5ce82d21a67484a18ef3df8f950a901ae75c94a7.exe
Resource
win10v2004-20231023-en
General
-
Target
dd330eb9298028fe7f700b6e5ce82d21a67484a18ef3df8f950a901ae75c94a7
-
Size
1.6MB
-
MD5
40426608619ff7140bea0646b539f53c
-
SHA1
b71e93060d914470793cee156925d1b9d701a3b9
-
SHA256
dd330eb9298028fe7f700b6e5ce82d21a67484a18ef3df8f950a901ae75c94a7
-
SHA512
72287e3f218e80b9c4af72c6be2d8a424412dd64195c5a1827a3082558366e422807fe1ceadfb8514153469f773ebced8b1a66a204dc9190c8dfc126f6bcaf68
-
SSDEEP
49152:ywGwd0fa41qdhlZ9yKU3QNG5O2blf4Yg:yfHSxhn0QwblfJ
Malware Config
Signatures
-
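Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; this sample has none. Taken alone this is a weak indicator, since many legitimate executables are also unsigned.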
resource dd330eb9298028fe7f700b6e5ce82d21a67484a18ef3df8f950a901ae75c94a7
Files
-
dd330eb9298028fe7f700b6e5ce82d21a67484a18ef3df8f950a901ae75c94a7.exe windows:6 windows x86
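d5785b08bc7e1e7b2d5286cbc973aebe (unlabelled in the report; presumably the import hash, as it differs from the file MD5 listed under General)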
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
winmm
sndPlaySoundW
oleacc
LresultFromObject
shlwapi
PathIsRelativeW
winspool.drv
DocumentPropertiesW
comdlg32
FindTextW
comctl32
FlatSB_SetScrollInfo
shell32
DragFinish
user32
CopyImage
version
GetFileVersionInfoSizeW
oleaut32
GetErrorInfo
advapi32
RegSetValueExW
msvcrt
memcpy
ole32
RevokeDragDrop
gdi32
Pie
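Sections
Analyst note: .text and .rsrc are both flagged writable and executable, and .text has a virtual size (6.1MB) about four times its raw size (1.5MB). Together with the minimal import table (LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree, and a single function from each other DLL), this is consistent with a packed image that unpacks itself at run time. The static import list therefore likely understates the sample's real API use, and the behavioral tasks are the better source for what it does.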
.text Size: 1.5MB - Virtual size: 6.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 116KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE