7051d1e7bdc48ba84051755e687a76ba4620aa0a9ea94f157e141c16933c12be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7051d1e7bdc48ba84051755e687a76ba4620aa0a9ea94f157e141c16933c12be
Size

271KB
MD5

7f455e1e46371a228a7cf3b82590a94a
SHA1

87015eec994c6a269406844ad147f1eeadc014aa
SHA256

7051d1e7bdc48ba84051755e687a76ba4620aa0a9ea94f157e141c16933c12be
SHA512

c0cc918cb6d11d20ca2fbce3c6cc8f5d89c76ff752152720daebb2ad1dac0d8286bb8f4763b6ecaa8ca812e37953800589aa2bad76cd04f7255f0f04c73be82e
SSDEEP

3072:gGBoFWzrKDU0E2a/rhVaFQZ0zUk9oNuMj6Evj5rIe9Y9cUTbfHf62xFdO7bIJk:RaU0EZeQ6Uwotj6EvH9vUPf/XFc7bJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7051d1e7bdc48ba84051755e687a76ba4620aa0a9ea94f157e141c16933c12be

Files

7051d1e7bdc48ba84051755e687a76ba4620aa0a9ea94f157e141c16933c12be
.exe windows x86

1b451f0d60a9b01011845d32298fdab7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

DeleteMenu

gdi32

IntersectClipRect

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW

advapi32

RegDeleteValueW

shell32

ExtractIconW

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCW

ole32

CoCreateInstance

oleaut32

VariantInit

zlib1

ord50

Sections

.text
Size: 256KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE