606ce528b403a382ad8034469cd7f0813149d5de2138b7d315e7db3ab9dc42db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

606ce528b403a382ad8034469cd7f0813149d5de2138b7d315e7db3ab9dc42db
Size

9.4MB
MD5

2b453e70526a8620d4bd3cc812e6f87c
SHA1

80f2ca0b59feb5da0201e708d7ce3e56bd5fe19b
SHA256

606ce528b403a382ad8034469cd7f0813149d5de2138b7d315e7db3ab9dc42db
SHA512

55b6793833ea341d0d957ddc0080ad947985f7ad4534db955401ec16e3aca59b924a9533ba3fc5c7f2725e1289a9610938f6822d22e3541e558dac8d9f67d869
SSDEEP

196608:+L4NrLt/Cch8tXC/qSym4RQ9HBu9LN0e0ECmJF/r5NXMo3Zf5TaevAEB803:JNrnb7xlBu9AmJJjXMoJftAC803

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
606ce528b403a382ad8034469cd7f0813149d5de2138b7d315e7db3ab9dc42db

Files

606ce528b403a382ad8034469cd7f0813149d5de2138b7d315e7db3ab9dc42db
.exe windows x86

e26ca7e4c95b94aa66ee6ce4e336d645

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

RegisterClassA

gdi32

SetBkMode

msimg32

AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

GetJobA

advapi32

OpenThreadToken

shell32

SHAppBarMessage

comctl32

ImageList_AddMasked

shlwapi

PathRemoveExtensionA

ole32

OleSetContainedObject

oleaut32

SafeArrayDestroy

oledlg

ord4

winmm

PlaySoundA

gdiplus

GdipGetImagePaletteSize

oleacc

LresultFromObject

imm32

ImmGetOpenStatus

Sections

.text
Size: 9.4MB - Virtual size: 13.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE