fa0248d445f606159c60506ec1432a800df4b0932a6551e2a665ea068033a457 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa0248d445f606159c60506ec1432a800df4b0932a6551e2a665ea068033a457
Size

1.6MB
MD5

63aa1bc6344c813b94d8b5229ecfe3fb
SHA1

0447a5dd24293e6f0536f10e7b38c0d24c3a6c24
SHA256

fa0248d445f606159c60506ec1432a800df4b0932a6551e2a665ea068033a457
SHA512

e8d53b0262dd79fa230f1a6d104e3a7c72715d9e6c4dd100ce523eace75dbd159f03901c0066ad45f0f7e92e791251ed68718ac5599b030c31fdbb39993c705b
SSDEEP

49152:Z/a5OHMMKgY0Olqhgth/UXgrJ6s5GWBvo4NdBKnI:Z/qOmHTlq6th466s5ZBvF6I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa0248d445f606159c60506ec1432a800df4b0932a6551e2a665ea068033a457

Files

fa0248d445f606159c60506ec1432a800df4b0932a6551e2a665ea068033a457
.exe windows:4 windows x86

ea4f239eca323a3a2697e8378407a10b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

SetLastError

user32

IsIconic

gdi32

ExtTextOutA

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantChangeType

comctl32

ord17

comdlg32

ChooseColorA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 616KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1000KB - Virtual size: 1000KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ