cef5bb03e647880c485751ba473043b2643703730bd797c47be9d205868d2cec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cef5bb03e647880c485751ba473043b2643703730bd797c47be9d205868d2cec
Size

554KB
MD5

bdf40a034638aee541d86a7b75f119a7
SHA1

802ab2cf678a68ff96df147f7ce73db5ef2d58ee
SHA256

cef5bb03e647880c485751ba473043b2643703730bd797c47be9d205868d2cec
SHA512

cdbecfce60ef952ca757c7f2eadea7d4df8d5c6b636a9ecb30c935575395be2cb909f65a9ad05d9c0be9603ee184c4b85bd9a1c8a5f69771653335867e56d693
SSDEEP

12288:8JGVq+tWjDR10ZyDcPTKX7/tFJp79clmlyL5bXy:38jDR1mygPE7JZWs4VbX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cef5bb03e647880c485751ba473043b2643703730bd797c47be9d205868d2cec

Files

cef5bb03e647880c485751ba473043b2643703730bd797c47be9d205868d2cec
.exe windows:5 windows x86

e6b109a4347ec268c0f6a8e80ea477a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

Escape

comdlg32

GetFileTitleW

winspool.drv

GetJobW

advapi32

RegCloseKey

shell32

DragFinish

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCW

oledlg

OleUIBusyW

ole32

IsAccelerator

oleaut32

SysAllocStringLen

Sections

.MPRESS1
Size: 545KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE