9a21b1632d4572daec390727b9f7736a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a21b1632d4572daec390727b9f7736a
Size

281KB
MD5

9a21b1632d4572daec390727b9f7736a
SHA1

9b0c8f1861eef842ea6da8b8dbaddce1cc3ce64d
SHA256

ad3756040b5222e73f0d1152f00748f24a4d253822ba302fabd11494d8e81e2e
SHA512

b09beb293a71fb8d2998f6a37c102657c90465bc3a1b5fae1dcfe6ffe2bf6b260fe5f74b3c237cbf3fd91db174dd07765e5139e6a211604ede307e083a32e4fd
SSDEEP

6144:6iQsTv5z2JBmprxtGLfKSBD1RpEjdy2JaJ9+Ba9DgJZn9:/prxszKQD1RofOUZn9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a21b1632d4572daec390727b9f7736a

Files

9a21b1632d4572daec390727b9f7736a
.exe windows:4 windows x86 arch:x86

0249a7595af23e8af94d791ffae62632

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualProtect
GetModuleHandleA
GetProcAddress

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

winmm

waveInUnprepareHeader

avicap32

capCreateCaptureWindowA

msvfw32

DrawDibDraw

wsock32

WSACleanup

urlmon

URLDownloadToFileA

Sections

.text
Size: 271KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

linghun
Size: 17B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE