cd7417b9c4ac3034e6b997e8c48b04a5 | Triage

Sharing

General

Target

cd7417b9c4ac3034e6b997e8c48b04a5
Size

415KB
MD5

cd7417b9c4ac3034e6b997e8c48b04a5
SHA1

700e89c31ea13044cf3971985a6af90b999b338e
SHA256

9d8d9d79c863a5dbb2903fc94258b96bf047cf06c30c0e6c71f21b45360d06f1
SHA512

1ff23df149eb6bb18f584eabc5dc24ba898167f3c5a20844dc2843d103a0e11dde2f4220049bfac7d1de9aaae11879c110420e95b2299817a702ee1b3b15d6cb
SSDEEP

12288:meHQjoF71G6s4B/jw1lLEjistYOGaH1bMnuSM3dbbcM:DLGh4B/jCAWstFGQNMuSM3b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd7417b9c4ac3034e6b997e8c48b04a5

Files

cd7417b9c4ac3034e6b997e8c48b04a5
.exe windows:4 windows x86 arch:x86

e2d973060e6a0667baeba846bff69c34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoUninitialize

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

Sections

CODE
Size: 399KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE