0af99a519ec3bad0536122d2e7f809ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0af99a519ec3bad0536122d2e7f809ac
Size

446KB
MD5

0af99a519ec3bad0536122d2e7f809ac
SHA1

235f7074fab96c4dd577bf1b13f807f0ccf0def6
SHA256

132db572572a160bd3fab2b297453f2a2f7b6934ad37f4eb57367a8fe5de426b
SHA512

072c9eacda5f578b73c45b1e0eb1d3bdbd90a17a82e15b1d3f0acc39a289d957cff2f598a0e0aadbbba4b9a7cda60d7411463d90fc68c3e3e8d5e604f2460fa7
SSDEEP

12288:+49jJ0uUCFbKf6OvobZAp4Ebuf9hQyKcvR:+HNCp3koaeEKLQZa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0af99a519ec3bad0536122d2e7f809ac

Files

0af99a519ec3bad0536122d2e7f809ac
.exe windows:0 windows x86 arch:x86

51d74ae3626a212e596ccdb261a6006b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SafeArrayPtrOfIndex

wininet

InternetReadFile

avicap32

capCreateCaptureWindowA

msacm32

acmFormatChooseA

ws2_32

WSAIoctl

user32

CreateWindowExA

gdi32

UnrealizeObject

version

VerQueryValueA

comctl32

ImageList_SetIconSize

shell32

Shell_NotifyIconA

advapi32

StartServiceA

wsock32

WSACleanup

winmm

waveOutWrite

mpr

WNetOpenEnumA

Sections

Size: 434KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE