f802761f6f5c13d3faed9fda8fa30b7a1e42bc04454a6ef267953d8cd0dcd320 | Triage

Sharing

General

Target

f802761f6f5c13d3faed9fda8fa30b7a1e42bc04454a6ef267953d8cd0dcd320
Size

3.2MB
MD5

e82ac09c5861ea183171c70b9332de16
SHA1

5a514790c3ad530911934451718528615650850a
SHA256

f802761f6f5c13d3faed9fda8fa30b7a1e42bc04454a6ef267953d8cd0dcd320
SHA512

e0267343163dfae0df0f6ab7dc641fb4c24a2981d7578af081076c1ea0ff5c12b361c2943d250ffafce153b07a00ec6d28b50a1b54dd3e162038b017321b7a2d
SSDEEP

98304:zZBXN1WIJrGDRRwOU8C4VMy/3gAJ7P5Rms5V:FBXNcW785w4rS8V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f802761f6f5c13d3faed9fda8fa30b7a1e42bc04454a6ef267953d8cd0dcd320

Files

f802761f6f5c13d3faed9fda8fa30b7a1e42bc04454a6ef267953d8cd0dcd320
.exe windows x86

a509b84e13c30e1067fbefe35d8528a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

MultiByteToWideChar

user32

GetWindow

gdi32

GetTextMetricsA

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantChangeType

comctl32

ord17

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 2.2MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 976KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ