26f9e6ff342ba45c6d5de6ceb27cf1b4 | Triage

Sharing

General

Target

26f9e6ff342ba45c6d5de6ceb27cf1b4
Size

303KB
MD5

26f9e6ff342ba45c6d5de6ceb27cf1b4
SHA1

39054bab50ddac89d5c5126aa5ae41e91e990b72
SHA256

3eca0ea2ef9696d050838b556e357f1d34a18562aec19839e41cb29f17647217
SHA512

421d75596b304f053cfd2c85b5d1eccef33c27d5f5c63d8dbace82fff0582c8b65cd623e57d056f9d141b508442c623cb7e13de21ba44d302a81fefc7e546bc2
SSDEEP

6144:zFHbemuvH6nLZ4WxmQAx83gAldyZcoB/NCe0glgIMR7wi:BHbedvaLuUmQAu3Do2W4glS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26f9e6ff342ba45c6d5de6ceb27cf1b4

Files

26f9e6ff342ba45c6d5de6ceb27cf1b4
.exe windows:4 windows x86 arch:x86

b20f0bd037776d02d8a20d43233f4af6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetDC

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

advapi32

RegCloseKey

comctl32

ImageList_Add

gdi32

SaveDC

oleaut32

VariantCopy

urlmon

URLDownloadToFileA

version

VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE