b541f19197e5e832427072d77207dcff | Triage

Sharing

General

Target

b541f19197e5e832427072d77207dcff
Size

2.6MB
MD5

b541f19197e5e832427072d77207dcff
SHA1

f53916545ea4641802889f3fba920f9cf489853c
SHA256

8ff0298b60d509a9c4f70655a2643a031be45be54c6093c4e9702075e2204773
SHA512

fafa5a9c8fff13d6f944eac96cbbef6f3be2845ffbd785c33d152e2f6c84b52ea162677e6e567c18cfea88f06fe86f3109dc7f44ef1f6dac06a3695ae4d70836
SSDEEP

49152:ECyT1aT0luppOXsG0QsVtdIzMt2ilqiH84Bt1jOMljSFPM55Rv2G:ECuET0SpOXMIQMU9H84Btx9ARon

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b541f19197e5e832427072d77207dcff

Files

b541f19197e5e832427072d77207dcff
.exe windows:4 windows x86 arch:x86

b86cf5ffb2bcd9cd06d59b287065b137

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoUninitialize

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

Sections

CODE
Size: 2.6MB - Virtual size: 18.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE