a1d56725d6a88a449251a1da59701caa0c3f3bd3e80b9db98b45da8234ae88e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1d56725d6a88a449251a1da59701caa0c3f3bd3e80b9db98b45da8234ae88e1
Size

9.3MB
MD5

9a33d38693c53b494c87e91d00382722
SHA1

3c4f1b4f808324e91102e92a21f42d22db1f8942
SHA256

a1d56725d6a88a449251a1da59701caa0c3f3bd3e80b9db98b45da8234ae88e1
SHA512

ad25e21a65d4e5ab00c9f22e87463ccb60071c58877f03da8672bc7327c19b50e4c06b4ec99f90d49b5774967001cc75018ffb8f76e3bbd2ad256e8d8982819e
SSDEEP

196608:k8ZHmYf/3lCu5xR9faRN5ArhsSSjTpvl0zS7Q3lg6aps4+OIAUU:k8mYf/P5b9gzAiS+Rl0zoElgX9b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1d56725d6a88a449251a1da59701caa0c3f3bd3e80b9db98b45da8234ae88e1

Files

a1d56725d6a88a449251a1da59701caa0c3f3bd3e80b9db98b45da8234ae88e1
.exe windows:5 windows x86

0e5c658059942ab17466c0de05ed502b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetMenuItemCount

gdi32

CreatePenIndirect

msimg32

AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

GetJobA

advapi32

OpenThreadToken

shell32

SHAppBarMessage

comctl32

ImageList_AddMasked

shlwapi

PathRemoveExtensionA

ole32

OleSetContainedObject

oleaut32

SafeArrayDestroy

oledlg

ord4

oleacc

LresultFromObject

gdiplus

GdipCreateBitmapFromStream

imm32

ImmGetOpenStatus

winmm

PlaySoundA

Sections

.text
Size: 9.3MB - Virtual size: 13.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE