b7c6680dc5f29bc6c1a352ed1178729e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7c6680dc5f29bc6c1a352ed1178729e
Size

183KB
MD5

b7c6680dc5f29bc6c1a352ed1178729e
SHA1

e78061ba652199e47beb3211cb7ff19a3c432b07
SHA256

f5b47fbad51e535d1a6bca3a87f0ff42d0c970ba898c87d99e5200d0aa130186
SHA512

bfb48967b40e3c4a82f62f9f035fe42e13e31e342f4f8da3f2404176b3d4bf489aa8574745588c9ff26962bc9211bb4b1bdd36740b3595415a78cebc6b9fba9b
SSDEEP

3072:rpgQhayMqki426yo1/0GqgRD8xsTdJ7WuS15mRta03yOFPEas9q8AC0TFW7gL:rpbaWkU6r1/0HgZ8+TdJ7K5mRgultsUh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7c6680dc5f29bc6c1a352ed1178729e

Files

b7c6680dc5f29bc6c1a352ed1178729e
.exe windows:5 windows x86 arch:x86

bb2ca6b285172b45e55cfa4127e9151c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

PlaySoundW

hookpr

UnmapDll

user32

GetNextDlgGroupItem

gdi32

ExtSelectClipRgn

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW

advapi32

RegEnumKeyW

shell32

Shell_NotifyIconW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW

oledlg

OleUIBusyW

ole32

CoTaskMemFree

oleaut32

SysAllocString

wsock32

htonl

psapi

GetModuleFileNameExW

Sections

.text
Size: 170KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE