5dddb73f991691567eb2169ab2a6da0d74a4092d6d1e73b43c658d733bb19d57 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5dddb73f991691567eb2169ab2a6da0d74a4092d6d1e73b43c658d733bb19d57
Size

1.5MB
MD5

9a417aba5005beea9dd973c8b8308f79
SHA1

c949571ffe917809126ff06ed0d0d5773744d541
SHA256

5dddb73f991691567eb2169ab2a6da0d74a4092d6d1e73b43c658d733bb19d57
SHA512

e0568afb267ed16ee820e9a1ca0937c91345f0efb020b32da7465aacb13db11a94f8abc33b98f594be2f1d4ae02869f48b5dcfeca952fb2f40721833e7e0ac05
SSDEEP

24576:kZQYpEg5w2kJrNM9Rq9ZBL1iaovPTjf/y81QPF8kR4pZJIxOHMZSYFwUaTn+gDnW:keYJzgrNX9fovP2epwxOHM46ATDhM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dddb73f991691567eb2169ab2a6da0d74a4092d6d1e73b43c658d733bb19d57

Files

5dddb73f991691567eb2169ab2a6da0d74a4092d6d1e73b43c658d733bb19d57
.exe windows:4 windows x86 arch:x86

6c359a2045be487f8841f8ff8d8bc83f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind

user32

IsDialogMessageA

gdi32

SelectObject

winspool.drv

DocumentPropertiesA

advapi32

RegSetValueExA

shell32

DragQueryFileA

comctl32

ord17

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 644KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 840KB - Virtual size: 840KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ