128ebcf5af05a2ab1127474ba0d9a4ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

128ebcf5af05a2ab1127474ba0d9a4ca
Size

811KB
MD5

128ebcf5af05a2ab1127474ba0d9a4ca
SHA1

5ec4e33763dfa6f7291f8c9de7f8490f86aedfa4
SHA256

8dd56ce9e037351ff8f13a231c0e09a6624c29e184e4933178ced5e16bcb008d
SHA512

cf1c0964ba3ea2f6fead5da5c11f8e5778f94bcf5fcbca2c85dc9a1eaf237a15c33d3141013206b985bb48eece1a4c99d53943b685a5f83021ca3b317a33029e
SSDEEP

24576:gvHJYQj7+UXSqsj2k8NCr99LrhJXBLd0QqX:CaqKUXSqsjZ8gfLrTBhDq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
128ebcf5af05a2ab1127474ba0d9a4ca

Files

128ebcf5af05a2ab1127474ba0d9a4ca
.exe windows:4 windows x86 arch:x86

231425377893abb7b2ff9764e70528f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetOpenEnumA

version

VerQueryValueA

wsock32

WSACleanup

winmm

waveOutSetVolume

Sections

CODE
Size: 28KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE