11bdd3ba11c3369a3ca7cbdf5c39811e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11bdd3ba11c3369a3ca7cbdf5c39811e
Size

128KB
MD5

11bdd3ba11c3369a3ca7cbdf5c39811e
SHA1

1c6f5be26e14809bfe58374e950ecbfecc3ddacc
SHA256

e6520d2f7a25e94131a508b53427cebc0430aef4607a1392ab1ba40293d3d10a
SHA512

0c3289caed6d65a9a2635fbf657d1c83b07e62b70baa57c8aa86a085a11af561f8956b4918271307263c857d7fcdd880f06f59d451cb20b99c4c631cdbec8edf
SSDEEP

3072:3ajZP5U3xaMSHBEmx0NwN6C5LlcceoNU1AZa:3atP5szmx0yxlccjsx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11bdd3ba11c3369a3ca7cbdf5c39811e

Files

11bdd3ba11c3369a3ca7cbdf5c39811e
.exe windows:5 windows x86 arch:x86

56b5ed7356bf86b79aa5a7260d241462

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_onexit

advapi32

RegOpenKeyExA

gdi32

CreateCompatibleDC

user32

CreateWindowExW

comctl32

ord413

shell32

ord752

ntdll

NtQuerySystemInformation

netapi32

NetApiBufferFree

ole32

CoUninitialize

oleaut32

VariantInit

rpcrt4

RpcBindingFromStringBindingW

duser

UtilDrawBlendRect

msimg32

GradientFill

oleacc

LresultFromObject

Sections

.text
Size: 119KB - Virtual size: 652KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE