87d1e6362ee63c5cb781fe76a82fc97f4b76bc522ad50575a51da12913f99992 | Triage

Sharing

General

Target

87d1e6362ee63c5cb781fe76a82fc97f4b76bc522ad50575a51da12913f99992
Size

4.1MB
MD5

93f8046e965c3fbefa10767e92b4c6d0
SHA1

10410e9d1a8cfed30784997cdb34c82f3c57240d
SHA256

87d1e6362ee63c5cb781fe76a82fc97f4b76bc522ad50575a51da12913f99992
SHA512

13595a239cf9e8af056961f0c004761f0927f82252e197c32bcd9732e06279ba40a4edda20acb57a3081f4f779b5515b3fc0c76c2a7f6a6110ceb3b485ffe4b9
SSDEEP

98304:ABjSRakyFLuWNvoHJo6E1oS612EB/w2bH6n+YzHS:8SsBJuW1eo6E1oS6hJw2zs+YzHS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87d1e6362ee63c5cb781fe76a82fc97f4b76bc522ad50575a51da12913f99992

Files

87d1e6362ee63c5cb781fe76a82fc97f4b76bc522ad50575a51da12913f99992
.exe windows:4 windows x86 arch:x86

fe35bc2a28582136e62f20440c02c08b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

socket

kernel32

TerminateThread

user32

SetWindowRgn

gdi32

LineTo

winspool.drv

ClosePrinter

advapi32

CryptDestroyHash

shell32

DragFinish

ole32

OleUninitialize

oleaut32

SafeArrayGetElemsize

comctl32

ImageList_Add

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 2.4MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ