66f894ddbea1c1f84ff862600c5a57ac5d7325a411de9f543cc44343870a1e2c | Triage

Sharing

General

Target

66f894ddbea1c1f84ff862600c5a57ac5d7325a411de9f543cc44343870a1e2c
Size

1.5MB
MD5

e49046be2d9aad774dfd990a948cdd96
SHA1

9f324e2ad4cafd3379fbea5a808e7517767942a4
SHA256

66f894ddbea1c1f84ff862600c5a57ac5d7325a411de9f543cc44343870a1e2c
SHA512

74d5b79018375498a86201a7c677c5815c09feeade6f656a23142185ea290e142e640e7c83dc8975c9ef9d9112bebfcc6cbc450290eb71f6ace38f4404ba3851
SSDEEP

24576:cfpxFycUH8wlRij8wk783FQtqjE2LEIxeb4jJ9TKyf1QOb14vh46gS8xuMnb9Y8:cxxFylT4j8w/Hj3YklxKyf1vp4vhCxPf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66f894ddbea1c1f84ff862600c5a57ac5d7325a411de9f543cc44343870a1e2c

Files

66f894ddbea1c1f84ff862600c5a57ac5d7325a411de9f543cc44343870a1e2c
.exe windows x86

72b36cee53a20939b9a8df3397911b7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

waveOutRestart

ws2_32

ntohl

user32

ScrollWindowEx

gdi32

CreateCompatibleDC

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantClear

comctl32

ImageList_Destroy

Sections

.text
Size: 1.4MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE