61883273ff335b0e37a86b52811017db3d90b6bc4c97b77c94af90f0c9af2f83 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61883273ff335b0e37a86b52811017db3d90b6bc4c97b77c94af90f0c9af2f83
Size

11.4MB
MD5

cc87bea6875d638fc2878cb86cc4d728
SHA1

12af395028af0d9f611287315ef40a5751772ef3
SHA256

61883273ff335b0e37a86b52811017db3d90b6bc4c97b77c94af90f0c9af2f83
SHA512

c08ee6624ed83a1209c6aaa6fad1b0b23683856fdcb7d338bd2e9558df6c547c95129a4467fb0431e245b5081503007d5aaeb2e61488b1831b7cd7b8b14cec89
SSDEEP

196608:8Fl5poKEGK54nLHXD4oOVqMBfOo6eU7iayz+r83k8EzBnMpAf2FaqggaE:8rTEy3cVqMdaiayZkBzBiAeFa5gz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61883273ff335b0e37a86b52811017db3d90b6bc4c97b77c94af90f0c9af2f83

Files

61883273ff335b0e37a86b52811017db3d90b6bc4c97b77c94af90f0c9af2f83
.exe windows:4 windows x86 arch:x86

51e9377f618b9759c75dab821ab20a91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

RegisterClassA

gdi32

GetSystemPaletteEntries

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

GetFileTitleA

Sections

.text
Size: 9.8MB - Virtual size: 25.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE