9f66e5a80db7ae8e5165d7a46b140519bbc2995e047f3251ea6addd096ecc4ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9f66e5a80db7ae8e5165d7a46b140519bbc2995e047f3251ea6addd096ecc4ac
Size

1.6MB
MD5

99d4ca6a76d1e7626ae1718fd5ae6973
SHA1

de78b741018691618c8255730a3ec546a1aec29a
SHA256

9f66e5a80db7ae8e5165d7a46b140519bbc2995e047f3251ea6addd096ecc4ac
SHA512

c6c8c9e1ad2869c27ccca75524584b83b8508355fc0c7909a073888d844d3dbbca9f866bda04e91b9ff5ad0a57752a2da6792cdcaaf7cb0ced013d7f946905de
SSDEEP

24576:oTcTjM4p2s9MhiQhdBlFHyHrmy46/swbnv6/x4aBU+EBsXhlRc9y9AfWpGHDGPy:oTNriLrDEiCtBSBoazfHDGPy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f66e5a80db7ae8e5165d7a46b140519bbc2995e047f3251ea6addd096ecc4ac

Files

9f66e5a80db7ae8e5165d7a46b140519bbc2995e047f3251ea6addd096ecc4ac
.exe windows:4 windows x86 arch:x86

8c7d7e87bb9572454f3bf5021fa51315

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

SetLastError

user32

GetMenu

gdi32

PtVisible

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

LoadTypeLi

comctl32

ord17

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 480KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ