f527ee39669ee58534b18f029e8af1903a8798f048f454afb681b7dfba7a407d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f527ee39669ee58534b18f029e8af1903a8798f048f454afb681b7dfba7a407d
Size

7.4MB
MD5

f4bcbaac1c79477952e47344e36fe719
SHA1

9ec89a9f22a8bd451183ba3a0210de06feab6536
SHA256

f527ee39669ee58534b18f029e8af1903a8798f048f454afb681b7dfba7a407d
SHA512

9eb41252e2c8f5c39b013b7510a643ab9a342e0c7d74804f586b8a29373634e1baf5ebae0cbc89b558d9f077fb3f78cc5a0713c2e7e65a2f3954b2e6df507272
SSDEEP

98304:9elWb+/aAGPA6XXQwSZaPbb2Qhnf1c70kX1Ixoux9eu5+bOb9sApOPHdCREwT:9elWgapX/SZajzntc7xclPdno1+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f527ee39669ee58534b18f029e8af1903a8798f048f454afb681b7dfba7a407d

Files

f527ee39669ee58534b18f029e8af1903a8798f048f454afb681b7dfba7a407d
.exe windows x86

27b95feea8392c589f659515f9f5c92c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateAcceleratorA

gdi32

GetTextColor

comdlg32

GetFileTitleA

winspool.drv

GetJobA

advapi32

SetThreadToken

shell32

SHGetFileInfoA

comctl32

InitCommonControlsEx

shlwapi

PathRemoveExtensionA

oledlg

ord3

ole32

OleQueryLinkFromData

oleaut32

VariantInit

oleacc

LresultFromObject

Sections

.text
Size: 7.4MB - Virtual size: 9.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE