374e0fb7e29253ae35c6037bceb79c136eddb4c3db09087d3bff4e67ef84bc0f | Triage

Sharing

General

Target

374e0fb7e29253ae35c6037bceb79c136eddb4c3db09087d3bff4e67ef84bc0f
Size

8.3MB
MD5

f058cf5c1d665952a3b37ff83cf516d0
SHA1

c4b4d3ca49bf5aabcc0015686d74262b124094d5
SHA256

374e0fb7e29253ae35c6037bceb79c136eddb4c3db09087d3bff4e67ef84bc0f
SHA512

1600e1b76b98ef545c1224c52d2d4639f5edee340bf1c0034ff72e5fdc878c270367eac381ac0e26101f4a11bc02361cd06465fb6db51a40a98a8e7cc29811a4
SSDEEP

196608:+adKCyK/LUdvDWSx5WaI5KdXlPappZNBxCrTXH1CmhdYmNv:+adKxIegpQJVaITlCmsG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
374e0fb7e29253ae35c6037bceb79c136eddb4c3db09087d3bff4e67ef84bc0f

Files

374e0fb7e29253ae35c6037bceb79c136eddb4c3db09087d3bff4e67ef84bc0f
.exe windows x86

e26ca7e4c95b94aa66ee6ce4e336d645

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

RegisterClassA

gdi32

SetBkMode

msimg32

AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

GetJobA

advapi32

OpenThreadToken

shell32

SHAppBarMessage

comctl32

ImageList_AddMasked

shlwapi

PathRemoveExtensionA

ole32

OleSetContainedObject

oleaut32

SafeArrayDestroy

oledlg

ord4

winmm

PlaySoundA

gdiplus

GdipGetImagePaletteSize

oleacc

LresultFromObject

imm32

ImmGetOpenStatus

Sections

.text
Size: 8.3MB - Virtual size: 12.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE