11b61c992579cb1d055b30e45f2b7793 | Triage

Sharing

General

Target

11b61c992579cb1d055b30e45f2b7793
Size

169KB
MD5

11b61c992579cb1d055b30e45f2b7793
SHA1

7e9ff67d6c60d0a35336618444ab4f90c2744ab4
SHA256

e49b70c2ce752cf4de6279460994c98d2127754b6c13521cb39091f708b0a775
SHA512

01217b7c17e7fdaf1f872a84c5783925f2d5b44565dbe69932224a51888452b9998c06fbaad1196eecad4829b985ac46797c42389cc5634d8d868d9ab981a732
SSDEEP

3072:GD/gSjs8hG7BpWl8DPz+fTDopRFBctzMEG9zZ23k1lS0:KLjthG7DPDPzYopliNkNA2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11b61c992579cb1d055b30e45f2b7793

Files

11b61c992579cb1d055b30e45f2b7793
.exe windows:4 windows x86 arch:x86

06f12ba49b4785e63d17433f5b9f0ee7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

msimg32

AlphaBlend
TransparentBlt

winmm

mciSendCommandW
sndPlaySoundW

kernel32

CreateFileW
WriteConsoleW
TlsFree
GlobalAddAtomW
InterlockedIncrement
GetModuleHandleW
GetEnvironmentVariableW
GetConsoleCP
CreateFileA
TlsAlloc
FlushFileBuffers
CreateFileMappingA
HeapAlloc
GetVersionExA
UnmapViewOfFile
EnumResourceNamesA
GetProcAddress
InterlockedDecrement
GetProcessHeap
SetLastError
MapViewOfFile
VerLanguageNameA
GetModuleHandleA
LoadLibraryExW
HeapFree
GetLastError
TlsGetValue
GetTempPathW
TlsSetValue
GetConsoleMode
ExitProcess
GetVersionExW
Sleep

shlwapi

PathAddBackslashW

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ