1d91324107788615f4333800e2634c4456bcaf206bef6ada3f24449e294437a0 | Triage

Sharing

General

Target

1d91324107788615f4333800e2634c4456bcaf206bef6ada3f24449e294437a0
Size

3.9MB
MD5

ad7d05b568d5c1cf607fe1a1a6548a97
SHA1

bf79682028ddf80b9691e8726abfbf10c1e5c94d
SHA256

1d91324107788615f4333800e2634c4456bcaf206bef6ada3f24449e294437a0
SHA512

41a3521967bbdb5c334a8f8948cd3793960ebfacab56e48d21cf5550e90c42d95893b4c07e6bb0816c0c5ceba28c3090912b59337ad6fac42cff5c249f64dd07
SSDEEP

49152:1m5Yq6zV7yHOYUE8vOpbdVrbOmFgqCzgfWNh3/VYxlkKDOQEOwo2dkRcTC:1m5/6zdyHLU2pBVrPWNh3NyROfOh2dkv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d91324107788615f4333800e2634c4456bcaf206bef6ada3f24449e294437a0

Files

1d91324107788615f4333800e2634c4456bcaf206bef6ada3f24449e294437a0
.exe windows:4 windows x86 arch:x86

a6432f014c33b540fad875d95c291522

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP

user32

LoadIconA

gdi32

GetTextMetricsA

winmm

waveOutUnprepareHeader

winspool.drv

OpenPrinterA

advapi32

RegSetValueExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

SafeArrayGetUBound

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 764KB - Virtual size: 764KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ