b1cbac19b5e8363c3591383e3471b0f9f10f208c9a4856915b95002e4c608a3c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1cbac19b5e8363c3591383e3471b0f9f10f208c9a4856915b95002e4c608a3c
Size

1.1MB
MD5

6ee7aa45517bc2d5cbf795d3c62c75d1
SHA1

868a1716eb9d7ac039bd99a26f5ce9dceb2af583
SHA256

b1cbac19b5e8363c3591383e3471b0f9f10f208c9a4856915b95002e4c608a3c
SHA512

ae7008579fb085bb26b0980ebcd531a003fa654b3babb761b4ff5c76abc6dc43a213d2b5f7a75c842ef749e55a8381ae0dd57655e649e4ffa123158a52057b1a
SSDEEP

24576:SeNNFd8RIDb8KnuDIZ1kAhv6Lstkk8AlGwU7KhWIsdPVKpK0Oe6gMQNV:SeoR4b8KukZmAhvAsqylGnub3OXg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1cbac19b5e8363c3591383e3471b0f9f10f208c9a4856915b95002e4c608a3c

Files

b1cbac19b5e8363c3591383e3471b0f9f10f208c9a4856915b95002e4c608a3c
.exe windows:5 windows x86 arch:x86

2bb92db044b54ec2d2383b2610f43a37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

shlwapi

SHCreateStreamOnFileW

winspool.drv

DocumentPropertiesW

comdlg32

ChooseColorW

comctl32

ImageList_GetImageInfo

shell32

Shell_NotifyIconW

user32

CopyImage

version

GetFileVersionInfoSizeW

oleaut32

SafeArrayPutElement

advapi32

RegSetValueExW

netapi32

NetWkstaGetInfo

msvcrt

memcpy

ole32

OleRegEnumVerbs

gdi32

Pie

Sections

.text
Size: 1.1MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE