ca2699b5cd65ed361db8a31a7e02abc9d6c1333f159e5a662a793b722ce1e1cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca2699b5cd65ed361db8a31a7e02abc9d6c1333f159e5a662a793b722ce1e1cb
Size

583KB
MD5

d2289c33d6bb4544ec3ee46f77a08f2b
SHA1

a693b6eb965589f1574d74cdc00563f5456144c1
SHA256

ca2699b5cd65ed361db8a31a7e02abc9d6c1333f159e5a662a793b722ce1e1cb
SHA512

ab18b7db54fa396c75be9ff80c7f5fcb3d6920eeb89b998c054ccf8f77fb3fd4ae2e5a85386201bf9a81cc123947e4ae85a1f479f57859af13522d476af84c0e
SSDEEP

12288:lUm0pzncaZ2OE8A8+ZJSvMneLadWDplWnYHR4Vh3Z2R9QCVrFaflUES9eRS:lR0nJA8+yvMuadWdQYxMJ2RKArQf+K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca2699b5cd65ed361db8a31a7e02abc9d6c1333f159e5a662a793b722ce1e1cb

Files

ca2699b5cd65ed361db8a31a7e02abc9d6c1333f159e5a662a793b722ce1e1cb
.exe windows x86

06cf275f44fab90b91e0a90585888b2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetScrollRange

gdi32

SaveDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter

advapi32

RegSetValueA

shell32

SHGetFileInfoA

comctl32

ImageList_AddMasked

oledlg

ord8

ole32

OleFlushClipboard

olepro32

ord251

oleaut32

SysStringLen

odbc32

ord4

wsock32

gethostbyname

Sections

.text
Size: 565KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE