4605b89db15b233d38423085a368d9b0478e83ba7c047e91ddcff9fdb3482144 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4605b89db15b233d38423085a368d9b0478e83ba7c047e91ddcff9fdb3482144
Size

516KB
MD5

4e7c36ec043b586e399a5cd547d98fd5
SHA1

65ec7b3567ebc6ab75cedc34937b7dd9bd3ed952
SHA256

4605b89db15b233d38423085a368d9b0478e83ba7c047e91ddcff9fdb3482144
SHA512

df6cfd7136b17913b89be5efe519115cf017b46b0a42ffce37adb5f4c34ade484a8c77336312d5b5915d20c88885d829017d04dd4e0080981b923c48796a4ddd
SSDEEP

12288:79uBEZygLuGz+C/0EwYa2DlK5F9O2o79:79ogLuJC/0ZYa2DkTQ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4605b89db15b233d38423085a368d9b0478e83ba7c047e91ddcff9fdb3482144

Files

4605b89db15b233d38423085a368d9b0478e83ba7c047e91ddcff9fdb3482144
.exe windows x86

0c518958b7874c172a92aa695c7476de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

EnableMenuItem

gdi32

LineTo

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA

advapi32

GetFileSecurityA

shell32

DragFinish

shlwapi

PathStripToRootA

ole32

OleDestroyMenuDescriptor

oleaut32

VariantTimeToSystemTime

version

GetFileVersionInfoA

Sections

.text
Size: 476KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE