c32f0ae9d5c817f202744602075ff035ee756cff3f5a7b4d8af505c7e57899d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c32f0ae9d5c817f202744602075ff035ee756cff3f5a7b4d8af505c7e57899d5
Size

3.2MB
MD5

22c2f181524a6c93c1e2ee02f8c51832
SHA1

ad19a6b32aaa4bd12d340fc98faf25ce84151578
SHA256

c32f0ae9d5c817f202744602075ff035ee756cff3f5a7b4d8af505c7e57899d5
SHA512

b36623caeb65260e6d9403c7bcf7b13802f83169e9eeec1f097b3c60bd736a8e6d9b13da4b18702b3fc5ef1d2b6882fbab4eed826d702b4d4449e762fe9d8a3e
SSDEEP

98304:fWlxm5dlWFhR9veT5wSQPmSLWt30KTnVI:fAmTlWFf9vK+SQPmaWtEKJI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c32f0ae9d5c817f202744602075ff035ee756cff3f5a7b4d8af505c7e57899d5

Files

c32f0ae9d5c817f202744602075ff035ee756cff3f5a7b4d8af505c7e57899d5
.exe windows:4 windows x86

25835990b7a69cfe918b6bf32ae04da5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

msimg32

AlphaBlend

gdi32

WidenPath

version

VerQueryValueA

mpr

WNetGetConnectionA

olepro32

OleLoadPicture

ole32

CreateStreamOnHGlobal

comctl32

FlatSB_SetScrollPos

imm32

ImmGetCompositionStringW

shell32

ShellExecuteA

winspool.drv

WritePrinter

comdlg32

PrintDlgA

wsock32

WSACleanup

netapi32

Netbios

gdiplus

GdipGetImageHeight

winmm

timeGetTime

Sections

.text
Size: 3.1MB - Virtual size: 13.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE