e1ee7bbff6a3ff65d451b951f09aeb35 | Triage

Sharing

General

Target

e1ee7bbff6a3ff65d451b951f09aeb35
Size

188KB
MD5

e1ee7bbff6a3ff65d451b951f09aeb35
SHA1

d9b0878c20eaa3f4985f522e1c27285dc9de4395
SHA256

e4cef569972dad8288b97638e8f1a616de6b49983bfd2cde7031b9125ea9657d
SHA512

ff8613824fda0fc1d4cd5d60667870e48740f7b5695250a02e9d4c3427a610c8fbfdad3f72e21b6070fde89f59c4eca6744de6c7aca76a0520bce49f734ce2b0
SSDEEP

3072:OlZJjtGkjt8FF0Xsh+ZcoqaiiD6DtzjwEoHDHwXC001HqkN0Qv7Fo:OlfzjtWqhcLaT6xjkjQXZsoq7Fo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1ee7bbff6a3ff65d451b951f09aeb35

Files

e1ee7bbff6a3ff65d451b951f09aeb35
.exe windows:4 windows x86 arch:x86

a17b9ea2c66f70b035ef5960101830bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

kernel32

SetTapePosition
Sleep
ClearCommError
GetCurrentProcessId
FindClose
GetWindowsDirectoryA
EnumResourceNamesA
InterlockedExchange
GetLocalTime
FatalExit
GetVersion
FindFirstFileA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

oleacc

LresultFromObject
CreateStdAccessibleObject

winmm

mciSendCommandA
sndPlaySoundA

user32

FillRect
ReleaseCapture
SetWindowLongA
GetDlgItem
IsWindow
SetWindowPos
MoveWindow
GetSysColor
GetWindowInfo
LoadCursorA
GetWindowLongA
SetCursor
ReleaseDC
GetDC
SetCapture

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ