b9f1ca2ff998f6304b4ecdda031ad027e5de4ad8cac7a7148d5d2d45753cb9de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9f1ca2ff998f6304b4ecdda031ad027e5de4ad8cac7a7148d5d2d45753cb9de
Size

1.7MB
MD5

e5cbe02ba3c2e52f988b12ae73110a0c
SHA1

777f7b8f65a7efa18611a362f050b628a6994cc4
SHA256

b9f1ca2ff998f6304b4ecdda031ad027e5de4ad8cac7a7148d5d2d45753cb9de
SHA512

1ce11feaa6922304a497559e4ebbf65e083b57f59ff0971ca6ccb8fb0ecbf1b37ffc09f29ee7384b01a6d05680454cbb70a16762ceaf29071d8b7cbb42459f17
SSDEEP

49152:tyVe8r4iYUhKNZs66P4dtDinCtcWPaI6q6TuOpzpR:SOi3hKDOP4dtFqJCAD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9f1ca2ff998f6304b4ecdda031ad027e5de4ad8cac7a7148d5d2d45753cb9de

Files

b9f1ca2ff998f6304b4ecdda031ad027e5de4ad8cac7a7148d5d2d45753cb9de
.exe windows:4 windows x86 arch:x86

a6432f014c33b540fad875d95c291522

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP

user32

LoadIconA

gdi32

GetTextMetricsA

winmm

waveOutUnprepareHeader

winspool.drv

OpenPrinterA

advapi32

RegSetValueExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

SafeArrayGetUBound

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 688KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ