1b7f8f4bd35be9bf95457b07721b9978 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b7f8f4bd35be9bf95457b07721b9978
Size

4.2MB
MD5

1b7f8f4bd35be9bf95457b07721b9978
SHA1

79694c7234b1c33bfec5ddd7b2acbd7a10b108b7
SHA256

dc17e24071aa85a68196fbc25124c82aa3c20c6ff2e065c89b9ae47cc432cd4d
SHA512

491f970c7d594442a6d4f3bc31bea96417d1823e8a9ba40761012f0275cd3aba452dfd23cd04477a04dc461501ef3952435636775dab4ff1c42230a1f2b9bb86
SSDEEP

98304:CyyOcvYEBSheYaUgaUhqSwApuop2QOb2rll:CyzcvYKUQkepHK2rll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b7f8f4bd35be9bf95457b07721b9978

Files

1b7f8f4bd35be9bf95457b07721b9978
.exe windows:4 windows x86 arch:x86

db04412a59d78a4aadbbb0425469cb9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

sndPlaySoundA

msimg32

AlphaBlend

user32

GetWindowThreadProcessId

gdi32

PolylineTo

comdlg32

CommDlgExtendedError

winspool.drv

ClosePrinter

advapi32

AdjustTokenPrivileges

shell32

SHGetFileInfoA

comctl32

_TrackMouseEvent

oledlg

ord3

ole32

GetClassFile

olepro32

ord253

oleaut32

VariantClear

Sections

.text
Size: 4.2MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE