99656c6117f07f24c20ddb6b805a1bb6f97f0d0abbffdd7d635ef7e49a10ad89 | Triage

Sharing

General

Target

99656c6117f07f24c20ddb6b805a1bb6f97f0d0abbffdd7d635ef7e49a10ad89
Size

1.3MB
MD5

a22802490c4d76230a0d18903a090582
SHA1

5bc515d53ce912ec8567bb0f05b6466293e018df
SHA256

99656c6117f07f24c20ddb6b805a1bb6f97f0d0abbffdd7d635ef7e49a10ad89
SHA512

09b559dc01febb9b6f4a06beb1e69e3aca02d53dec991a6254be5e4ea5d51510665db00f78bb5f3b03e350a2cc13ccb7b040486c78e95c6ab7bc26536b631806
SSDEEP

24576:vHNQqKwXWH7YOt1fg8PW2fmVIhP5JY7iI59AbA0/mseJE8DuhQIs3D7ETRq:vyqtGD1fRhfmCnCd0f/reK8DuuFz7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99656c6117f07f24c20ddb6b805a1bb6f97f0d0abbffdd7d635ef7e49a10ad89

Files

99656c6117f07f24c20ddb6b805a1bb6f97f0d0abbffdd7d635ef7e49a10ad89
.exe windows x86

0bc96b00fcbaff967e6e9e74ebb3a9c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

BeginPaint

gdi32

BitBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA

advapi32

RegSetValueExA

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathIsUNCA

oleaut32

VariantInit

ws2_32

getservbyname

Sections

.text
Size: 1.3MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE