1d5e9e6f5681ec21b43f72596162e109c4790c7253830c5e11da4891a8335a2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d5e9e6f5681ec21b43f72596162e109c4790c7253830c5e11da4891a8335a2a
Size

1.3MB
MD5

94de089ee01752ad5f0d7b96b7fa090c
SHA1

e09d1648e862684c1896b555102859168fe02bb5
SHA256

1d5e9e6f5681ec21b43f72596162e109c4790c7253830c5e11da4891a8335a2a
SHA512

649e03118f92f5c461c2e0557664be558e150bec05b4ad613845b6dfa5c5289a8fdc733afb6d14ce427e4fa293f369fe4d1b0ac92716490d259a6b87401783bb
SSDEEP

24576:juleFn2k1soZYH9VIxOo8UMKoyIXo8dJTOUWFqwF6UPB1eW:j5F2lzCOnndFOUWYw4UJt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d5e9e6f5681ec21b43f72596162e109c4790c7253830c5e11da4891a8335a2a

Files

1d5e9e6f5681ec21b43f72596162e109c4790c7253830c5e11da4891a8335a2a
.exe windows:4 windows x86 arch:x86

a77db928924e4161d669e7a76a06a7be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock

user32

GetWindowRect

gdi32

SetWindowOrgEx

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

LoadTypeLi

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 336KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 964KB - Virtual size: 964KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ