Static task
static1
Behavioral task
behavioral1
Sample
2a622097618290a1aad6066d0172d46f54032cc92eae8f5435e30fff57d04d13.exe
Resource
win7-20230824-en
Behavioral task
behavioral2
Sample
2a622097618290a1aad6066d0172d46f54032cc92eae8f5435e30fff57d04d13.exe
Resource
win10v2004-20230703-en
General
-
Target
2a622097618290a1aad6066d0172d46f54032cc92eae8f5435e30fff57d04d13
-
Size
1.4MB
-
MD5
d935d5a23a06f4d9a1fd1fc81848314b
-
SHA1
5900d6ff8264cd77d08edd7f52f31f8b87dafbf6
-
SHA256
2a622097618290a1aad6066d0172d46f54032cc92eae8f5435e30fff57d04d13
-
SHA512
a12efa9b7d029f5743dfe5cf72d6a85b8a8eadb232472fe4212841e74fc121d5167bf00afaadddbd2d7fa0c5f1a99ac9be8fe563b741b43f2a6295f8c7b43afd
-
SSDEEP
24576:a6eqH1o2H2HESq2eWJ6MQjySjy+9fTgIIy36NxXB+/4pcON+xFrr8dAQN77PfpP4:aVqu2H2tFvduySb9b6Nxx+/46esFrrCk
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Flags a PE file that has no Authenticode signature. On its own this is a weak indicator, since many legitimate executables are also unsigned.
resource 2a622097618290a1aad6066d0172d46f54032cc92eae8f5435e30fff57d04d13
Files
-
2a622097618290a1aad6066d0172d46f54032cc92eae8f5435e30fff57d04d13.exe windows x86
72d77f07367a26d5037afd50ff4a76ec
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FlushFileBuffers
user32
GetTopWindow
ole32
CoCreateInstance
gdi32
ExtTextOutA
advapi32
RegCloseKey
shell32
SHGetFileInfoA
winspool.drv
ClosePrinter
comctl32
ord17
msvcrt
strncpy
iphlpapi
GetInterfaceInfo
psapi
GetMappedFileNameW
Sections
.text Size: 500KB - Virtual size: 712KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sedata Size: 904KB - Virtual size: 904KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.sedata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ