1de314109a36a545f553186df0890df4d5d7f77c50b068741c72857a78244afe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1de314109a36a545f553186df0890df4d5d7f77c50b068741c72857a78244afe
Size

2.5MB
MD5

e1daad901dc30a939cf97884d1371701
SHA1

aa1d8eca85d62a15cd838d1411901cfa38968f54
SHA256

1de314109a36a545f553186df0890df4d5d7f77c50b068741c72857a78244afe
SHA512

429faab1cd37becefa16c669f57e7115bd51de53f60a687f591892d1cf07956b79e9fb00abafb1f2080b707412413a4b7a5eefb14f271b252144d5563b00c93f
SSDEEP

49152:7KpjcoDTzw9Mp62KKVsLn4BzCKaiv6H0T52akpiMPX5LIat2TR:7KRDTzeMU2XsgraiiUTYakIMv5Mas1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1de314109a36a545f553186df0890df4d5d7f77c50b068741c72857a78244afe

Files

1de314109a36a545f553186df0890df4d5d7f77c50b068741c72857a78244afe
.exe windows:4 windows x86

34f3edee8a9b816216173f424a878026

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

CryptAcquireContextA

version

GetFileVersionInfoA

wsock32

WSAAsyncGetHostByName

winspool.drv

ClosePrinter

comctl32

FlatSB_GetScrollInfo

gdi32

AbortDoc

msimg32

AlphaBlend

shell32

SHGetFileInfoW

user32

ActivateKeyboardLayout

winmm

sndPlaySoundA

ole32

CLSIDFromProgID

oleaut32

CreateErrorInfo

gdiplus

GdiplusStartup

Sections

.text
Size: 2.5MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE