421b757c55e63dd04b96d990de992956 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

421b757c55e63dd04b96d990de992956
Size

610KB
MD5

421b757c55e63dd04b96d990de992956
SHA1

6b9093d3021ff3ab84b2c53e0cebf33a9208ef47
SHA256

1a85528cdc0ff8916536c609a3d2fa35c49e495e0f95d9c51e0febf1763d5c53
SHA512

6ce9aa18e6614c3df023d08c76de4c3adaf49ef03b9556f01d98e96fae464d03e58ef7bc663f36a1ede03e394c50bbcb65876da767bb8c7084f2838e93ee524b
SSDEEP

12288:td5I8s0HWaBU3ZNVhs/6ON/+JLvq0tvDPedQ2v5VQrk0haVMX7gjgpk:rXV2a63ZVm/lzRyrhaMrgjW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
421b757c55e63dd04b96d990de992956

Files

421b757c55e63dd04b96d990de992956
.exe windows:4 windows x86 arch:x86

dd506b0d2cf230cadd9d0832b777fc1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetGetConnectionA

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

urlmon

URLDownloadToFileA

winmm

waveOutSetVolume

Sections

CODE
Size: 591KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE