14b753b27e35a53ea51d8f0e5ef44fcd | Triage

Sharing

General

Target

14b753b27e35a53ea51d8f0e5ef44fcd
Size

2.2MB
MD5

14b753b27e35a53ea51d8f0e5ef44fcd
SHA1

2fcd563cffb9bff51c601b5723eb2dad5ff898f0
SHA256

7ddcdbac4289d0d81de9884383ed697978e64e992e010ea8a5625b8cf2c6993d
SHA512

517afb944f4aeca245724deed1366a1e8a1cda0e52dd39440f8807ab8481a234bff3e615668fb73ab73a9e6eaddd4b9bab6f09aaa04c1e5a88fcb04210ae5117
SSDEEP

49152:Re0aGArte5WX46Cxc24JCWtQjPNQBxJn/yuKpaHRowR6qQ:REGArteQI6IOFONQ9/yuKWH6qQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b753b27e35a53ea51d8f0e5ef44fcd

Files

14b753b27e35a53ea51d8f0e5ef44fcd
.exe windows:4 windows x86 arch:x86

e2defc2e850ad331ff1ea9ec5477fafe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

wsprintfA

gdi32

SelectClipRgn

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

OleUninitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

GetFileTitleA

Sections

.text
Size: 2.1MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE