2909edfcf5f53522d0fed654a0432d485f76471082f0ef57fcc03e20d77e628f | Triage

Sharing

General

Target

2909edfcf5f53522d0fed654a0432d485f76471082f0ef57fcc03e20d77e628f
Size

1.0MB
MD5

3b632bdbbb3e4c7e1230916828b47f62
SHA1

28780075a43a29924c6891949a3c25d99ef88467
SHA256

2909edfcf5f53522d0fed654a0432d485f76471082f0ef57fcc03e20d77e628f
SHA512

a6b5eadc1e1220736f79c0a02bad3a36804197dc5749ba62cd1fd80219f03115da796181b94df25ed3a5b349f1cfa22885f0e0e57183a3475ca783e368f60b1c
SSDEEP

24576:yNoYMx2ZB8Xk61KmjBpVGE7EjwSM8AXjYRyfhfeQ:21MKB8UyjsE7DlNMRywQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2909edfcf5f53522d0fed654a0432d485f76471082f0ef57fcc03e20d77e628f

Files

2909edfcf5f53522d0fed654a0432d485f76471082f0ef57fcc03e20d77e628f
.exe windows x86

a900cce46c67759e2822a509e6acc601

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetParent

gdi32

EndDoc

comdlg32

GetOpenFileNameA

winspool.drv

EnumPrintersA

advapi32

RegSetValueExA

shell32

ExtractIconA

comctl32

ImageList_Draw

oledlg

ord8

ole32

OleLockRunning

olepro32

ord253

oleaut32

SysFreeString

wsock32

htons

Sections

.text
Size: 888KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ