Static task
static1
Behavioral task
behavioral1
Sample
da36adba33e607d36fcea697ee634ba45a1383728f1f7c698b684ad8c59a85b8.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
da36adba33e607d36fcea697ee634ba45a1383728f1f7c698b684ad8c59a85b8.exe
Resource
win10v2004-20230915-en
General
-
Target
da36adba33e607d36fcea697ee634ba45a1383728f1f7c698b684ad8c59a85b8
-
Size
9.2MB
-
MD5
6c37b8be82042c54d70b3036a12d48d3
-
SHA1
c759416dc32a5abc2e210b1f35a3cde379ed07aa
-
SHA256
da36adba33e607d36fcea697ee634ba45a1383728f1f7c698b684ad8c59a85b8
-
SHA512
98d2065b7659484216e6065fb50baa068b7ef8dcf2436b0c2c938ab77af24665e1991babeabd9a67b5643c27e2b2f5f357f1c0a2a0e44c5c334304afea28b0be
-
SSDEEP
196608:prSmjPHTsyFvZ57g3lBpQKDd3EfPjeG4Apyfu:pRjfQAvP7UlzRd3EHjeX2
Malware Config
Signatures
-
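Unsigned PE (1 IoC)
The file carries no Authenticode signature. This is a weak indicator on its own, because many legitimate programs ship unsigned. Read it together with the header data below: the import table lists only one or a few functions per DLL (including LoadLibraryA, GetProcAddress and VirtualAlloc), and both sections are flagged writable and executable. That layout is commonly seen in packed or protected binaries.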
resource da36adba33e607d36fcea697ee634ba45a1383728f1f7c698b684ad8c59a85b8
Files
-
da36adba33e607d36fcea697ee634ba45a1383728f1f7c698b684ad8c59a85b8.exe windows:5 windows x86
4f2698e388430cc4104663060d067bf5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
TranslateAcceleratorA
gdi32
GetDeviceCaps
msimg32
TransparentBlt
winspool.drv
ClosePrinter
advapi32
RegQueryValueA
shell32
ExtractIconA
comctl32
InitCommonControlsEx
shlwapi
PathRemoveExtensionA
uxtheme
GetCurrentThemeName
ole32
OleUninitialize
oleaut32
SysStringLen
oledlg
ord8
winmm
PlaySoundA
gdiplus
GdipCreateFromHDC
oleacc
AccessibleObjectFromWindow
imm32
ImmReleaseContext
Sections
.text Size: 9.1MB - Virtual size: 11.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE