a08a80d1b5c7e534272a93f4251d4dc662ee318a4661fe122077d032e427ea59 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a08a80d1b5c7e534272a93f4251d4dc662ee318a4661fe122077d032e427ea59
Size

1.1MB
MD5

826bd2983cf5acd83073e7403059ce78
SHA1

068ab1e7eb00e976ced94b5fd6b86d80a818ec50
SHA256

a08a80d1b5c7e534272a93f4251d4dc662ee318a4661fe122077d032e427ea59
SHA512

8dcca96e9d01b0d84c6e94fece5c8cabe5f5bc15c6d2a20cdf0a3137700a63d8e7e168541d7e21169dd6c0f950d9c9df33ad2a57fabc049fce2c78a739476276
SSDEEP

24576:WBb8cSP1OkLOWq94nPmTWpYMeYmXxA9Xuhq13zBzinG:WB4ZUdUmUYMeYm2AhS5inG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a08a80d1b5c7e534272a93f4251d4dc662ee318a4661fe122077d032e427ea59

Files

a08a80d1b5c7e534272a93f4251d4dc662ee318a4661fe122077d032e427ea59
.exe windows:5 windows x64 arch:x64

c57e4f526395288c8406444b38b1e657

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrStrA

user32

GetDC

gdi32

BitBlt

advapi32

FreeSid

shell32

SHChangeNotify

oleaut32

OleLoadPicture

version

VerQueryValueW

setupapi

CM_Get_Parent

Exports

Exports

LoadEnvi
MemoryCompare
MemoryCopy
MemorySet
WndProc1
WndProc1_
WndProc2
WndProc2_
WndProc3
WndProc3_
dllMain_Name
main
main1
main5
mainB
mainB_
mainW
main_

Sections

.MPRESS1
Size: 1.1MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE