ececd9f66ddcba47ca4d7dfa2d503d7b2182367c0f94037b5e4ad9bb4646b914 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ececd9f66ddcba47ca4d7dfa2d503d7b2182367c0f94037b5e4ad9bb4646b914
Size

8.1MB
MD5

6517b9b7a49486ee295aeaf156d93ab8
SHA1

c885d620eceabd865f0c61f6cc2ce02e974b880f
SHA256

ececd9f66ddcba47ca4d7dfa2d503d7b2182367c0f94037b5e4ad9bb4646b914
SHA512

401a1a1292bf624d999cd8598ae1c5343f51daa5846fd4b386b316c651a64418b840dd60b8fe760971825676606980543f1bd73b7aa57b76a1851e20967c17d8
SSDEEP

196608:j4S1hbTRIyVbkQvbY0Cn3pgHF7SrVy8zQfW6G+Qz2:j4S1hbFVFvbY0C5Wk+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ececd9f66ddcba47ca4d7dfa2d503d7b2182367c0f94037b5e4ad9bb4646b914

Files

ececd9f66ddcba47ca4d7dfa2d503d7b2182367c0f94037b5e4ad9bb4646b914
.exe windows:5 windows x86

e26ca7e4c95b94aa66ee6ce4e336d645

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

RegisterClassA

gdi32

SetBkMode

msimg32

AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

GetJobA

advapi32

OpenThreadToken

shell32

SHAppBarMessage

comctl32

ImageList_AddMasked

shlwapi

PathRemoveExtensionA

ole32

OleSetContainedObject

oleaut32

SafeArrayDestroy

oledlg

ord4

winmm

PlaySoundA

gdiplus

GdipGetImagePaletteSize

oleacc

LresultFromObject

imm32

ImmGetOpenStatus

Sections

.text
Size: 8.1MB - Virtual size: 11.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE