71ac031762f9d6022633ed475a55e8ccf00a9f1616c6134dd104d1990efdf407 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71ac031762f9d6022633ed475a55e8ccf00a9f1616c6134dd104d1990efdf407
Size

16.0MB
MD5

3d508efaa8efc50ab41bbd3c01aaedf8
SHA1

b9638512d9b07fd66a2b42c3b652910d32f28fe4
SHA256

71ac031762f9d6022633ed475a55e8ccf00a9f1616c6134dd104d1990efdf407
SHA512

f3ef68b41eb36fd5fcd3e909e97f1ff7e3e3499d0062844ed4bcca6e7ff0c59baa5b3e66eecd0ef07610d8ffbe55268fc1fc2d0de2ce9aaaa4810bbeb31f6da3
SSDEEP

393216:iYCbD/aC0YID9Lgaq7hH1EZ/U9tpOjGr2gfDnQu/Kl5HC:iVbD/a5Y+9Lgx51eUXpOjGrZMu/7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71ac031762f9d6022633ed475a55e8ccf00a9f1616c6134dd104d1990efdf407

Files

71ac031762f9d6022633ed475a55e8ccf00a9f1616c6134dd104d1990efdf407
.exe windows:4 windows x86 arch:x86

7633c0857dcc111242216d6981e631e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamOut

ws2_32

htons

user32

GetSystemMenu

gdi32

GetViewportExtEx

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

SysAllocString

comctl32

ord17

comdlg32

ChooseColorA

Sections

.text
Size: 7.6MB - Virtual size: 14.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE