5a905ad890cf7fd9f18ad6b7987eb12f23bef9d6c8d4f66a2df87ece042fee56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a905ad890cf7fd9f18ad6b7987eb12f23bef9d6c8d4f66a2df87ece042fee56
Size

1.6MB
MD5

41b541392b69c71f3a0c8213bd25db8a
SHA1

2e1638b6aeb6a779c07fcb2c31eb61b33e7c1e96
SHA256

5a905ad890cf7fd9f18ad6b7987eb12f23bef9d6c8d4f66a2df87ece042fee56
SHA512

f26db5feac358d934cdb23752e2ada9a155b953dffbcea82a164861124d980fe26dbb0ab127ed069e75cf9bba06f046e24dd577531b7c558003fbb54e29780f1
SSDEEP

49152:f5mZcT5x0El8fWcZBoTbkt6m1K5bFFYDGPf:J5xXlaBSk8bFYDGPf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a905ad890cf7fd9f18ad6b7987eb12f23bef9d6c8d4f66a2df87ece042fee56

Files

5a905ad890cf7fd9f18ad6b7987eb12f23bef9d6c8d4f66a2df87ece042fee56
.exe windows:4 windows x86 arch:x86

8c7d7e87bb9572454f3bf5021fa51315

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

SetLastError

user32

GetMenu

gdi32

PtVisible

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

LoadTypeLi

comctl32

ord17

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 480KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ