14c0b3e53dbca9fac17605e63ed29114db1f267d3fdf19bf296eff186bd4e06f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14c0b3e53dbca9fac17605e63ed29114db1f267d3fdf19bf296eff186bd4e06f
Size

9.1MB
MD5

2dec5d2cea40a7250de3f003087c6cd7
SHA1

c494dc2bed6f1c0bcdb1c5d2019480b13f154421
SHA256

14c0b3e53dbca9fac17605e63ed29114db1f267d3fdf19bf296eff186bd4e06f
SHA512

61536660005407359dada6a73427f8f993f4b59d48c0c594f72ac7fbe6e5a4ec96d22753046fb13b3c72206548bceb28974fcc87482828fdddfeeea2eb3a6b9a
SSDEEP

196608:RzveBQ4lxdxjkBMCgDjPp4DeWHVqLeYniLpc:5veBt1umjPp4DeW1qLxn/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c0b3e53dbca9fac17605e63ed29114db1f267d3fdf19bf296eff186bd4e06f

Files

14c0b3e53dbca9fac17605e63ed29114db1f267d3fdf19bf296eff186bd4e06f
.exe windows:5 windows x86

27b95feea8392c589f659515f9f5c92c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateAcceleratorA

gdi32

GetTextColor

comdlg32

GetFileTitleA

winspool.drv

GetJobA

advapi32

SetThreadToken

shell32

SHGetFileInfoA

comctl32

InitCommonControlsEx

shlwapi

PathRemoveExtensionA

oledlg

ord3

ole32

OleQueryLinkFromData

oleaut32

VariantInit

oleacc

LresultFromObject

Sections

.text
Size: 9.1MB - Virtual size: 10.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE