c65d2f2a62a5e700e39825238c1e71f69a7f73e10b7b0cacc1dcfbda9df3fe4e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c65d2f2a62a5e700e39825238c1e71f69a7f73e10b7b0cacc1dcfbda9df3fe4e
Size

9.0MB
MD5

c8dfd0bacb31c63d6350363ecf43562f
SHA1

fbcd02b3985c3d92593fd2e02438f9a85da81440
SHA256

c65d2f2a62a5e700e39825238c1e71f69a7f73e10b7b0cacc1dcfbda9df3fe4e
SHA512

ddbbdaa503daa36e7d67d34155dea8f7104b0306a4ba6ac1c912d15e45bc4c29f07ed6f90e9a67d07870918c4c4453610b43c93231d10d93e64d7d2caf7d5b0c
SSDEEP

196608:IPjX33MtFhAfx8+f8TQkfLDgugI7LLBPhITHs+vLN54ROIOFmX7QpD9:IPT3MExBEUQD/7vB5ITfzKROFf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c65d2f2a62a5e700e39825238c1e71f69a7f73e10b7b0cacc1dcfbda9df3fe4e

Files

c65d2f2a62a5e700e39825238c1e71f69a7f73e10b7b0cacc1dcfbda9df3fe4e
.exe windows:5 windows x86 arch:x86

2e319400b12556a8faa93c71e1cc91dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

IsZoomed

gdi32

CreateCompatibleBitmap

msimg32

TransparentBlt

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

SHGetPathFromIDListA

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionA

uxtheme

DrawThemeText

ole32

DoDragDrop

oleaut32

DispCallFunc

oledlg

ord8

winmm

PlaySoundA

gdiplus

GdipCreateFromHDC

oleacc

AccessibleObjectFromWindow

imm32

ImmReleaseContext

Sections

.text
Size: 8.9MB - Virtual size: 14.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE