a2e33c41330f20e2c0b900628679e55a5676ec8250e8cb07e4d236a01821f695 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2e33c41330f20e2c0b900628679e55a5676ec8250e8cb07e4d236a01821f695
Size

4.3MB
MD5

b05c911d509bbe6c76fd640232e8199c
SHA1

dfb743a88f0ad8e3ec8c4f2f75379533c911faf4
SHA256

a2e33c41330f20e2c0b900628679e55a5676ec8250e8cb07e4d236a01821f695
SHA512

e939d7421fe5eb2b37ee0fa0f02a88af03a57d19e12f530d2689949d862d1969cad46999ad1eb3f72916c109152b131623965717812d06bd5409fb392c845586
SSDEEP

98304:rX0e2Qvv2y92Bku7xvVCslvF3qfx6Zmh05Gy9lqrS4ubeml3L:rg+uy45vVXlex6nk6Arbe13L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2e33c41330f20e2c0b900628679e55a5676ec8250e8cb07e4d236a01821f695

Files

a2e33c41330f20e2c0b900628679e55a5676ec8250e8cb07e4d236a01821f695
.exe windows x86

d19f1b252fef36cb7799b118ffabb925

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExW

user32

MessageBoxA

gdi32

UnrealizeObject

version

VerQueryValueW

ole32

CreateStreamOnHGlobal

comctl32

InitializeFlatSB

msvcrt

memset

shell32

SHGetFileInfoW

comdlg32

PrintDlgW

winspool.drv

WritePrinter

dll\dll_file

unpack

dll\termb

Read_Content

Sections

.text
Size: 4.2MB - Virtual size: 12.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE