a7c9cc3a90e8e55dcf30cdec60954771938f1a59be6821346a125d07039fb630 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7c9cc3a90e8e55dcf30cdec60954771938f1a59be6821346a125d07039fb630
Size

3.6MB
MD5

2c189aee7481ab41697880f6219d233d
SHA1

5a791004e83ed4805faaa63399c5a425c60bb956
SHA256

a7c9cc3a90e8e55dcf30cdec60954771938f1a59be6821346a125d07039fb630
SHA512

0a1a21b88c31ba7b42706b30ab0b079ad77d1fe98494f92516e34368baed9e5b2d3071da4d87afd181b61cd92af3e596a69096bf5de7452d28aa2fef6d36387c
SSDEEP

98304:UuRJ1cnrvd8Kw6Pp6MAYx6lpBbuRRNgTzHXUB2hTlUXZ2dL:UuRJeZ8HlpqRNOs2tlzh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7c9cc3a90e8e55dcf30cdec60954771938f1a59be6821346a125d07039fb630

Files

a7c9cc3a90e8e55dcf30cdec60954771938f1a59be6821346a125d07039fb630
.exe windows:4 windows x86 arch:x86

0e5cec0cc5a88549685ee0287d8bca65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

OpenProcess

user32

ScreenToClient

gdi32

GetViewportExtEx

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromString

oleaut32

LoadTypeLi

comctl32

ord17

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 2.7MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 976KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ