595946324f9afaf46f4d89fb34680933ef73f2b8e02f475a23ea2380e32abbad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

595946324f9afaf46f4d89fb34680933ef73f2b8e02f475a23ea2380e32abbad
Size

8.2MB
MD5

d302788316773b10e140a749de83b966
SHA1

7ef5bc6ffe0f2c888163997c2a917a79c68b5f85
SHA256

595946324f9afaf46f4d89fb34680933ef73f2b8e02f475a23ea2380e32abbad
SHA512

ff64173de79bb749057df97a781d42d3ce640a12c3f44bc6a017978defc22f86f2be4d1b0270a6140e9dca6c96fcaf5477c4192e72375e3db6c750894de083f1
SSDEEP

196608:JaSIzQrv62IX9MuLHVTWvYpJ5B4SesP006UAJ3rpDS6rX5UhIbsA1:JaRMOpJzCs8BUAtVSmt1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
595946324f9afaf46f4d89fb34680933ef73f2b8e02f475a23ea2380e32abbad

Files

595946324f9afaf46f4d89fb34680933ef73f2b8e02f475a23ea2380e32abbad
.exe windows:4 windows x86

0fa8b7ed8e6b3c0677df1d2d352f4ba3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetForegroundWindow

gdi32

ExtTextOutA

winmm

waveOutUnprepareHeader

winspool.drv

OpenPrinterA

advapi32

RegSetValueExA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

gethostname

comdlg32

ChooseColorA

Sections

.text
Size: 8.2MB - Virtual size: 16.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE