9b6d7b2a515584ac35694589062d09c9a1aec1503ad823cc308d8cf6b9dfa350 | Triage

Sharing

General

Target

9b6d7b2a515584ac35694589062d09c9a1aec1503ad823cc308d8cf6b9dfa350
Size

300KB
MD5

30075778503e0fa26beebc0966c4f582
SHA1

cd844fe05062b1fd8ed7fd03df936cb123b262d8
SHA256

9b6d7b2a515584ac35694589062d09c9a1aec1503ad823cc308d8cf6b9dfa350
SHA512

cfe4b27d325ac88522c15b3b1ca0026a26f44a0846f939ddcd3a59a4cdba1a4b06605735559564996561a9540f21a7be519403472e06fb2e210e124f67123f50
SSDEEP

3072:zIgihjZYcDFtPzauRhqcQzQzhmEOW/I7I8nFtSLl3YKPXGDNWXS4NxsEZG/vkfDL:UNFtPuQqcjh6pFtSIKPXeWXS4zRU+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b6d7b2a515584ac35694589062d09c9a1aec1503ad823cc308d8cf6b9dfa350

Files

9b6d7b2a515584ac35694589062d09c9a1aec1503ad823cc308d8cf6b9dfa350
.exe windows:6 windows x86 arch:x86

ca49e09c5bff700a255350328ea20615

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetSystemDirectoryW
GlobalLock
GlobalUnlock

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize

oleaut32

SysAllocString
SysFreeString
SysStringLen
VariantClear
VariantInit

user32

CloseClipboard
GetClipboardData
GetDC
GetSystemMetrics
GetWindowLongW
OpenClipboard
ReleaseDC

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetCurrentObject
GetDIBits
GetObjectW
SelectObject

Sections

.text
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ