c928d25c6cc01ae316d2c9fd84164e0cd794f24628ae9e0ddfbacb6f3cf3d427 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c928d25c6cc01ae316d2c9fd84164e0cd794f24628ae9e0ddfbacb6f3cf3d427
Size

1.1MB
MD5

a46ccfbe39c34059d86b6c984953a461
SHA1

b2bcedf7e42595b719c8814443efd40b2c3fbcd0
SHA256

c928d25c6cc01ae316d2c9fd84164e0cd794f24628ae9e0ddfbacb6f3cf3d427
SHA512

7b6dd42639d54df46aab9b628e37ab1123b43c996675e848e3d6b0a9e3a1defa701fdf3adafe60f2c5949162cfd129b2c659d1c362a7c785d4a249ce82b42df4
SSDEEP

24576:Ss/+DS+Psge6EgpXQ9bcsJ+JltROCUgvZOCmqOMmB:Ss2Fle6E+E8lPzUQACkT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c928d25c6cc01ae316d2c9fd84164e0cd794f24628ae9e0ddfbacb6f3cf3d427

Files

c928d25c6cc01ae316d2c9fd84164e0cd794f24628ae9e0ddfbacb6f3cf3d427
.exe windows:4 windows x86 arch:x86

c57e4f526395288c8406444b38b1e657

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrStrA

user32

GetDC

gdi32

BitBlt

advapi32

FreeSid

shell32

SHChangeNotify

oleaut32

OleLoadPicture

version

VerQueryValueW

setupapi

CM_Get_Parent

Exports

Exports

LoadEnvi
MemoryCompare
MemoryCopy
MemorySet
WndProc1
WndProc1_
WndProc2
WndProc2_
WndProc3
WndProc3_
_dllMain_Name@12
_mainB_@8
_mainW@16
_main_@4
main
main1
main5
mainB

Sections

.MPRESS1
Size: 417KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 679KB - Virtual size: 679KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE