15aa57bdba3f85c1c8ac79645c3d453d31f2ede7d9136abd1b8f24ff150e56b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15aa57bdba3f85c1c8ac79645c3d453d31f2ede7d9136abd1b8f24ff150e56b8
Size

1.2MB
MD5

c6920fc9c25a8447ede79495ffcc2f17
SHA1

f6d8a969e765096dfca45250136d9c1f23c20157
SHA256

15aa57bdba3f85c1c8ac79645c3d453d31f2ede7d9136abd1b8f24ff150e56b8
SHA512

f07577448a468868777e84e0b37fb230c5ea347a3d60b86fc127b44c6d5335dfe4cbba80e82fbd3d7f9940d629aa220c281234928b62568faa427dc7f71c5110
SSDEEP

24576:8f3Azv4FJzjoHn9EzS15LLFIfEeQc7/Fet+D/xWYbi1DRYcHO9:8fQzgFJzcHn+zS15LpoEcFw+DbERY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15aa57bdba3f85c1c8ac79645c3d453d31f2ede7d9136abd1b8f24ff150e56b8

Files

15aa57bdba3f85c1c8ac79645c3d453d31f2ede7d9136abd1b8f24ff150e56b8
.exe windows x86

b9c4fbe9894bc23a848d46b1faf90e11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetWindowsHookExA

gdi32

SetTextColor

comdlg32

GetOpenFileNameA

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyA

shell32

DragFinish

comctl32

ImageList_AddMasked

oledlg

ord8

ole32

CoTaskMemFree

olepro32

ord253

oleaut32

SysAllocStringLen

odbc32

ord10

wsock32

WSASetLastError

wininet

InternetGetLastResponseInfoA

imm32

ImmAssociateContext

Sections

.text
Size: 1.2MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE