6affd3224ac4be042ded07ae50fcebc32986ea9d5d05e2756b9ab686030c0266 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6affd3224ac4be042ded07ae50fcebc32986ea9d5d05e2756b9ab686030c0266
Size

6.9MB
MD5

148b19a669c1f98b7fdf7987d85bfb33
SHA1

cd3670df53c401f92b4f5293ebe232a1b9f03ac0
SHA256

6affd3224ac4be042ded07ae50fcebc32986ea9d5d05e2756b9ab686030c0266
SHA512

266e8bd53c05c8a15fca7f0b9187913e81fbc6b016cfa296f16b1d79698cc01021246e79c53972303a89bfc354ce0472ca65316723b0244699018e907d751fc0
SSDEEP

196608:BaVkeaD0/fu+9NReLFLNmJUplXJzUAU2aVCp:BaVkANQLFLuIJ4n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6affd3224ac4be042ded07ae50fcebc32986ea9d5d05e2756b9ab686030c0266

Files

6affd3224ac4be042ded07ae50fcebc32986ea9d5d05e2756b9ab686030c0266
.exe windows:5 windows x86

27b95feea8392c589f659515f9f5c92c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateAcceleratorA

gdi32

GetTextColor

comdlg32

GetFileTitleA

winspool.drv

GetJobA

advapi32

SetThreadToken

shell32

SHGetFileInfoA

comctl32

InitCommonControlsEx

shlwapi

PathRemoveExtensionA

oledlg

ord3

ole32

OleQueryLinkFromData

oleaut32

VariantInit

oleacc

LresultFromObject

Sections

.text
Size: 6.9MB - Virtual size: 8.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE