0efd9fb4fba40cb6463398fc70c12edfbcfe7abc877524d4a54e54b7d7778206 | Triage

Sharing

General

Target

0efd9fb4fba40cb6463398fc70c12edfbcfe7abc877524d4a54e54b7d7778206
Size

554KB
MD5

0677dc42b8e04b4a845e746d44903a88
SHA1

c4dca5aafcece6435a73bae0efdb69ea67998f70
SHA256

0efd9fb4fba40cb6463398fc70c12edfbcfe7abc877524d4a54e54b7d7778206
SHA512

097ec61d787d4bba8d33f0b8a51b2d0d351e5b1dfa0b015627ef187c2cf4d23a593f8f844f7030483a345bd3031b0612143ca3aafd59ee8e2de55c5f86810cfc
SSDEEP

12288:muLO7BKrBjDlJ0acPd5I/xwQm4qhYpABFQYjbA2GHuHoG0/z:1LugBjBSjPE/xwAqOA5jpGH7G0r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0efd9fb4fba40cb6463398fc70c12edfbcfe7abc877524d4a54e54b7d7778206

Files

0efd9fb4fba40cb6463398fc70c12edfbcfe7abc877524d4a54e54b7d7778206
.exe windows:4 windows x86

a65750b0266105b8e7a4f35011ac189b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

OpenClipboard

gdi32

GetClipRgn

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantCopyInd

comctl32

ImageList_Destroy

ws2_32

ioctlsocket

comdlg32

ChooseColorA

Sections

.text
Size: 540KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE