ffb112d7b36361e9c53fd10efd33f2ce | Triage

Sharing

General

Target

ffb112d7b36361e9c53fd10efd33f2ce
Size

184KB
MD5

ffb112d7b36361e9c53fd10efd33f2ce
SHA1

3951b662833302b0cde16e44b82cc653055b774d
SHA256

84531d08b05ed43b6bffcdc8cbf7ec1eaf8a0832e20c000982b62c20421fc133
SHA512

e07d36c06d956f67a213a3637244983ee791ba33afb656b56d1a85ebb15ada025ad5d7b897e3accf2c7a8f3edb39b7ef4775247b94c3888d1dfe9e6e9b036b24
SSDEEP

3072:Ave+GjrPtQHLNDdOxoDTjMhIGvddkqZxbokW1cTk5GWiOX1oS5u:EG/OrNDdxvkPvQq3fucT07X13

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffb112d7b36361e9c53fd10efd33f2ce

Files

ffb112d7b36361e9c53fd10efd33f2ce
.exe windows:4 windows x86 arch:x86

4bae86852b3d57b676e06d8a4852983b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA

msimg32

AlphaBlend
TransparentBlt

kernel32

GetThreadPriority
LoadLibraryW
TransmitCommChar
LoadLibraryA
EnumResourceNamesW
ExitProcess
InterlockedDecrement
FreeLibrary
GetProcAddress
InterlockedIncrement

user32

GetKeyState
CharNextA
GetTopWindow
CharLowerA

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ