Static task: static1
Behavioral task: behavioral1
Sample: 880c4a291e9b6612c4fc2585a0f12cc4.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 880c4a291e9b6612c4fc2585a0f12cc4.exe
Resource: win10v2004-20231215-en
General
Target: 880c4a291e9b6612c4fc2585a0f12cc4
Size: 167KB
MD5: 880c4a291e9b6612c4fc2585a0f12cc4
SHA1: 3245fe44f3a2914273fbe50fb2f984b32d5c382b
SHA256: 43f24405a5f64bfa2a5f20d3a94a0579ff7312bc2791b154c7c506e811300330
SHA512: 9ebc777ff29faa73e5d7317dcf5d3f3eea1e1c247460109bf60dc10b18c8e09c8fbd1cbb1a55428724413af2204952323caf3298771e4f82325d791122ba5a7e
SSDEEP: 3072:cNehnpP6PLfNP8UuTXr1VI1AKVT0/P6nz1B:cenp6raUuzrS4az1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 880c4a291e9b6612c4fc2585a0f12cc4
Files
880c4a291e9b6612c4fc2585a0f12cc4.exe windows:4 windows x86 arch:x86
c3f173eb30f3c3cfd1124d15b2db142f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualQuery
HeapFree
HeapAlloc
HeapDestroy
GetCurrentProcessId
IsBadWritePtr
HeapReAlloc
GetSystemTimeAsFileTime
EnumSystemLanguageGroupsW
VirtualFree
QueryPerformanceCounter
SetLastError
GetWriteWatch
TlsAlloc
HeapCreate
VirtualAlloc
TlsFree
ole32
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
winmm
mciSendCommandA
oleacc
CreateStdAccessibleObject
AccessibleChildren
msimg32
AlphaBlend
TransparentBlt
user32
GetWindow
CreateWindowExA
DestroyIcon
SetWindowTextA
GetDlgItem
LoadStringA
LoadImageA
GetParent
Sections
.text Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 397KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ