82f6012a388d31df0c9f2bbc881ef7fdc45572c452e30f880215edaa69269220 | Triage

Sharing

General

Target

82f6012a388d31df0c9f2bbc881ef7fdc45572c452e30f880215edaa69269220
Size

1.4MB
MD5

30e163047bce07e4db84a1a7f74dbb44
SHA1

a2809feb1171b3094ad526428fa94035e1b11728
SHA256

82f6012a388d31df0c9f2bbc881ef7fdc45572c452e30f880215edaa69269220
SHA512

4162eb5cf2df0a845c4e403278fe1f65cf6d1153a46a9c43460dfc45f30b7561be617a4528cea5afe8670cb2d930a4cc771021d63d3b88a0cf34335ade20a4b8
SSDEEP

24576:/818h9W09tux94IUUWt4TCvlhv8q1n20W2OZ61rTBTYBHAIpnEr816:/C8hk097imOAm2OZer0AanZY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82f6012a388d31df0c9f2bbc881ef7fdc45572c452e30f880215edaa69269220

Files

82f6012a388d31df0c9f2bbc881ef7fdc45572c452e30f880215edaa69269220
.exe windows x86

ab472bdb8dda700adcda2438dea10aca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA

user32

LoadIconA

gdi32

GetTextMetricsA

winmm

waveOutRestart

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ord17

ws2_32

inet_ntoa

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 408KB - Virtual size: 924KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 968KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ