1f52531c44c3f3f7df05803f218621da7616cb6a81f08687eaf59d214767a73d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f52531c44c3f3f7df05803f218621da7616cb6a81f08687eaf59d214767a73d
Size

14.2MB
MD5

df9890e6a4055b9a2d45a20c2df5fe2d
SHA1

7790a98cd66c9131b70c51d492f840a9b0a9b04e
SHA256

1f52531c44c3f3f7df05803f218621da7616cb6a81f08687eaf59d214767a73d
SHA512

a5f235aafe6dbf0bf904ba784caaa44cca6efa05a47e91c6cb19531bd13b5daef32b2dc4b0b60017125f0ba7a15290d93e0775c47a25f762ffd422cff3ff0f3d
SSDEEP

393216:4vvlGs7E8GHoE/WIV9wtF3cNe91tcyghw:sGr8QoE/WsStL1tcye

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f52531c44c3f3f7df05803f218621da7616cb6a81f08687eaf59d214767a73d

Files

1f52531c44c3f3f7df05803f218621da7616cb6a81f08687eaf59d214767a73d
.exe windows:4 windows x86 arch:x86

5e97de547cacbf9eba3a7fd1090f07d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamOut

ws2_32

htonl

user32

GetKeyState

gdi32

LineTo

winspool.drv

ClosePrinter

comdlg32

ChooseColorA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CoGetClassObject

oleaut32

SysStringLen

comctl32

ImageList_GetIcon

oledlg

ord8

Sections

.text
Size: 14.0MB - Virtual size: 38.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE