656b4cf095c4fce40a5d7df5e80486e089707aa11b9f1fa9ca781eed1d0cfaac | Triage

Sharing

General

Target

656b4cf095c4fce40a5d7df5e80486e089707aa11b9f1fa9ca781eed1d0cfaac
Size

2.2MB
MD5

a2c4c96b2794a158f51a56d5f301e0b2
SHA1

65a4707e9471b681c48a9fda6a7ac000a287c159
SHA256

656b4cf095c4fce40a5d7df5e80486e089707aa11b9f1fa9ca781eed1d0cfaac
SHA512

3665f49b590ca56bf6041a93ffa8f71d37004a8e4eff001812c60ff9d8b48b5e3a6a6c3e384f71499514aa76f5d5ba88ab47a71974504018a151dd8db25e2b92
SSDEEP

49152:HkBfUc4ThzWcSpe6tDmfS2rCCKb+chdWc0HXJI2O5Y:HeUuJpe6tDmfLrHO+cj4Jq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
656b4cf095c4fce40a5d7df5e80486e089707aa11b9f1fa9ca781eed1d0cfaac

Files

656b4cf095c4fce40a5d7df5e80486e089707aa11b9f1fa9ca781eed1d0cfaac
.exe windows:5 windows x86 arch:x86

5aa94c7fbfc01c9462c4d62e06efe88a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

shell32

SHCreateDirectoryExW

shlwapi

UrlIsW

userenv

CreateEnvironmentBlock

gdi32

GetTextFaceW

advapi32

OpenServiceW

comctl32

_TrackMouseEvent

ole32

CoCreateInstance

oleaut32

SafeArrayUnaccessData

gdiplus

GdipCreateBitmapFromScan0

Sections

.text
Size: 2.1MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE