c930192fec93bbdef81d4731d33c7b56a2ab3eae4b7c1936650148d44b81284c | Triage

Sharing

General

Target

c930192fec93bbdef81d4731d33c7b56a2ab3eae4b7c1936650148d44b81284c
Size

3.2MB
MD5

1f5af029328c9ec0088b1ce1a312e1bf
SHA1

46f2729d24f57c177525d25ef3ca245a6f7edc78
SHA256

c930192fec93bbdef81d4731d33c7b56a2ab3eae4b7c1936650148d44b81284c
SHA512

370a9385fa884d1449683b279465ffebc937e73afd6626a8f1a718496b8f1e073e5526508a151eec01c948acd875f3eb7ab2e0ba047814886efa2ac7d6abe357
SSDEEP

98304:+UOQVEuwQgZGbyIKJ5orwzr7GahNnaKJ13:+UtVEH+byIKJNhNnaKJ13

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c930192fec93bbdef81d4731d33c7b56a2ab3eae4b7c1936650148d44b81284c

Files

c930192fec93bbdef81d4731d33c7b56a2ab3eae4b7c1936650148d44b81284c
.exe windows:6 windows x86

4f6105647f5fea8fad74cc1b4720563d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

setupapi

SetupDiGetClassDevsW

version

VerQueryValueW

user32

GetDC

gdi32

PatBlt

msimg32

AlphaBlend

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

DragFinish

shlwapi

StrCmpW

uxtheme

IsAppThemed

ole32

DoDragDrop

oleaut32

SystemTimeToVariantTime

gdiplus

GdipFree

oleacc

LresultFromObject

imm32

ImmGetContext

winmm

PlaySoundW

Sections

.MPRESS1
Size: 1.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE