Static task
static1
Behavioral task
behavioral1
Sample
8b2774e7b82edb97fbfebdba07c1a43a53b0c3958f49d91272f4c56173056155.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8b2774e7b82edb97fbfebdba07c1a43a53b0c3958f49d91272f4c56173056155.exe
Resource
win10v2004-20240508-en
General
-
Target
8b2774e7b82edb97fbfebdba07c1a43a53b0c3958f49d91272f4c56173056155
-
Size
13.9MB
-
MD5
6e002131704b691e806651127f67fe49
-
SHA1
e21fafd84acc2ab55aacd283bf90ab2261ab2734
-
SHA256
8b2774e7b82edb97fbfebdba07c1a43a53b0c3958f49d91272f4c56173056155
-
SHA512
2f10b4f3b8f903ac1c73c5e8e38b0444c3bbcae013e24268f112837b08e1f041a66174705fb92426c3fa98f021953c950664c2ba224cdcf45767a600822062d7
-
SSDEEP
393216:cPyjT4k8bLjjT4k8bLGAXln/9ZJkqHxgqH:Ay34k8bLj34k8bLPJSqHx/
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature. The file is unsigned, so its publisher and integrity cannot be confirmed from a signature.
resource 8b2774e7b82edb97fbfebdba07c1a43a53b0c3958f49d91272f4c56173056155
Files
-
8b2774e7b82edb97fbfebdba07c1a43a53b0c3958f49d91272f4c56173056155.exe windows:4 windows x86 arch:x86
36e41590ecd1e511aee023b9100452e7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
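Imports (minimal table: GetModuleHandleA/GetProcAddress plus a single function from each other DLL; together with the .MPRESS1/.MPRESS2 sections this is consistent with a packed file, so the list likely does not show every API the unpacked code resolves at run time)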
kernel32
GetModuleHandleA
GetProcAddress
rasapi32
RasHangUpA
winmm
waveOutOpen
ws2_32
select
user32
GetDC
gdi32
LineTo
winspool.drv
OpenPrinterA
advapi32
RegCloseKey
shell32
ShellExecuteA
ole32
OleRun
oleaut32
SafeArrayAccessData
comctl32
ord17
oledlg
ord8
wininet
InternetOpenA
comdlg32
ChooseColorA
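Sections (.MPRESS1 and .MPRESS2 are the section names the MPRESS packer produces; both are flagged readable, writable and executable, and .MPRESS1 grows from 1.1MB on disk to 3.7MB in memory, so static strings and imports describe the packed image rather than the unpacked code)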
.MPRESS1 Size: 1.1MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE