a8e0758664ab960906c08d5415c74d499bf83c93dd0ed6fcded08314661eb3b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8e0758664ab960906c08d5415c74d499bf83c93dd0ed6fcded08314661eb3b7
Size

2.7MB
MD5

e7101c16463937dd409681589f93695f
SHA1

15c5cbb6c41eb9339e48cc6e3617041faae31fc1
SHA256

a8e0758664ab960906c08d5415c74d499bf83c93dd0ed6fcded08314661eb3b7
SHA512

d634bdbdffc83f62cca82e4f51ec47f4b37a1f4b2f3d4e1ae6baf101cec80e85397fa07bfad5f654e3ded364b562b587949faccd237241894de08314fe3fa8f2
SSDEEP

49152:zGT8XD6EQ0gztk+ZKq9dulP20WxhGAKsSAHesm1gzn858hggoUSDSV:zF26KRDdu9cxhFjXm1gznXgg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8e0758664ab960906c08d5415c74d499bf83c93dd0ed6fcded08314661eb3b7

Files

a8e0758664ab960906c08d5415c74d499bf83c93dd0ed6fcded08314661eb3b7
.exe windows x86

60cecdfa6b11db35ca6ba2b46c3688f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetGetLastErrorA

version

VerQueryValueA

gdi32

UnrealizeObject

msimg32

TransparentBlt

ole32

CoTaskMemFree

comctl32

ImageList_SetIconSize

imm32

ImmGetOpenStatus

winspool.drv

OpenPrinterA

shell32

Shell_NotifyIconA

comdlg32

PageSetupDlgA

oledlg

OleUIObjectPropertiesA

wsock32

WSACleanup

winpplb

B_GetUSBDeviceInfo

Sections

CODE
Size: 2.6MB - Virtual size: 17.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE