a436ea49b694a2e24e5df757265666ac91a12105e245a9772d495e307ac459cd | Triage

Sharing

General

Target

a436ea49b694a2e24e5df757265666ac91a12105e245a9772d495e307ac459cd
Size

3.6MB
MD5

0e852f508ae438b9579ba4a10ba35cfe
SHA1

8f6a9422f269f9955713238e9c8f38d9e73dda5e
SHA256

a436ea49b694a2e24e5df757265666ac91a12105e245a9772d495e307ac459cd
SHA512

7fb37558aa8e5cf9d5ebb52405f947247a36b9f4205d0c5feb079f88252729442b0568e3c7500879f8950edbf1b7420caefec73987ece6ee8e5e241780b71be2
SSDEEP

49152:tu9FyDZvBI7jqh7yW/eCjDyDVZ90xiVsbSNXObXCDyvnFfdPT3yzNCpSbSH2/spC:2IDZvB4mhOp74S8bJvZ13GNkSw2/spC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a436ea49b694a2e24e5df757265666ac91a12105e245a9772d495e307ac459cd

Files

a436ea49b694a2e24e5df757265666ac91a12105e245a9772d495e307ac459cd
.exe windows x86

5b3a6d9f066714154cee9655bb398cf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException

user32

LoadIconA

gdi32

GetTextMetricsA

winmm

waveOutUnprepareHeader

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

SafeArrayGetElement

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 2.6MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sedata
Size: 1008KB - Virtual size: 1008KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ