1ba756a7dc72bf721f92081d948b41e80250f8558ca1f9c2b7d40f52b48fffd7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ba756a7dc72bf721f92081d948b41e80250f8558ca1f9c2b7d40f52b48fffd7
Size

2.6MB
MD5

2fa52833ed92bb83f201e0bac6ba9bad
SHA1

f6bca775e3f2e443592dccf3a21f8ae1824ac29a
SHA256

1ba756a7dc72bf721f92081d948b41e80250f8558ca1f9c2b7d40f52b48fffd7
SHA512

6178f22205ae11d521bd07483539e0ed791710437aeb9af706dc72596f436ebf137a39ae6792f584fe7abeb1433b139ea6376c301b4adf2aade9b71f74941f3e
SSDEEP

49152:5sBoykVqT1Rh5V+jYBDEeSFWBhj1Ph22n0/gJD+qsyAanDOY:4oTVqTvBLBV1I2nAgJD+qsyTn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ba756a7dc72bf721f92081d948b41e80250f8558ca1f9c2b7d40f52b48fffd7

Files

1ba756a7dc72bf721f92081d948b41e80250f8558ca1f9c2b7d40f52b48fffd7
.exe windows:4 windows x86

0de57815f14c84ad3da08ee1a9781721

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

winmm

waveOutOpen

ws2_32

WSACleanup

user32

GetDC

gdi32

LineTo

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

LoadTypeLi

comctl32

ord17

comdlg32

ChooseColorA

Sections

.MPRESS1
Size: 2.5MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE