1caecae9cecdf1b8b06c9689f7581df199d69b766c66fa9320679e4e7f9b3048 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1caecae9cecdf1b8b06c9689f7581df199d69b766c66fa9320679e4e7f9b3048
Size

3.4MB
MD5

f68be883be8bb8dee507eabd9ec3026e
SHA1

c600801a778e8c2b2bcf9145985bb9bcb2f01b01
SHA256

1caecae9cecdf1b8b06c9689f7581df199d69b766c66fa9320679e4e7f9b3048
SHA512

b34c185445cfa0132fa7909c3760ee892efca290dcd580052488465b3e3a68869833be6171f3db61b4c348e169107fd9d735d390d9460fee1494006de870f882
SSDEEP

98304:RgEyhZdtlAjwx8g8xrGln53mO5WMSIMkUPGPmw:qEyDlZT8lGln5WfkMnw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1caecae9cecdf1b8b06c9689f7581df199d69b766c66fa9320679e4e7f9b3048

Files

1caecae9cecdf1b8b06c9689f7581df199d69b766c66fa9320679e4e7f9b3048
.exe windows:4 windows x86

7482cada4e6b6caa80e405a4cd9f5593

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

CryptAcquireContextA

version

GetFileVersionInfoA

wsock32

WSAAsyncGetHostByName

winspool.drv

ClosePrinter

comctl32

FlatSB_GetScrollInfo

comdlg32

GetOpenFileNameW

gdi32

AbortDoc

msimg32

AlphaBlend

shell32

SHGetFileInfoW

user32

ActivateKeyboardLayout

winmm

sndPlaySoundA

ole32

CLSIDFromProgID

oleaut32

CreateErrorInfo

gdiplus

GdiplusStartup

Sections

.text
Size: 3.4MB - Virtual size: 9.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE