dcf0447945e388b281f5ceceefbeb61a6cbead6c644ea5cedca23761bff466d7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcf0447945e388b281f5ceceefbeb61a6cbead6c644ea5cedca23761bff466d7
Size

5.0MB
MD5

c9b48d1160886c7b8e0f479f03923939
SHA1

15ac9fb8126542ec4a4eac959d4aca65fb34e73d
SHA256

dcf0447945e388b281f5ceceefbeb61a6cbead6c644ea5cedca23761bff466d7
SHA512

c8f4cfe4114234afca139721c12e9afb9d0aa09a56daeb92748ed1162e0d268278da70ec4c09e6e2bbd62969e8cb89e0bcf16cdaf8862c7550b7dfe6ea344817
SSDEEP

98304:cY+v4CFZKlEmJbUTvM4cHgDMJ+4NmXQp588YKgBfZphbKlLVTuMbZ:kACTKlZbUTPrA2987Q3cLDbZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcf0447945e388b281f5ceceefbeb61a6cbead6c644ea5cedca23761bff466d7

Files

dcf0447945e388b281f5ceceefbeb61a6cbead6c644ea5cedca23761bff466d7
.exe windows:4 windows x86

4a1479bc72bec1ca184d9fddcfa6fc8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

iphlpapi

GetAdaptersInfo

winmm

midiOutReset

ws2_32

WSACleanup

user32

ScrollWindowEx

gdi32

RoundRect

winspool.drv

ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

RegisterTypeLi

comctl32

ord17

Sections

.text
Size: 4.9MB - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE