a1839b631347c6588ffd23d86d345e9759a333b286ffa54eaa79190a346229d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1839b631347c6588ffd23d86d345e9759a333b286ffa54eaa79190a346229d9
Size

1.3MB
MD5

a48b2388a3d023fe2d3ea3bae33bbd88
SHA1

a8271791b220993ce21b9f2c2d3e1f845eefa506
SHA256

a1839b631347c6588ffd23d86d345e9759a333b286ffa54eaa79190a346229d9
SHA512

1142e55188e8a7fc96420dbdf4bbee632c1e7d067d2a18745e317bbd4f03388c28facce831c77cdc7c72eda58ee456d18e0e2de1d0abbf2e8f2555b89ca1de8f
SSDEEP

24576:6II9Vfv+YPNEUhFIbw07bWMwsgM/eQYuu2+CDoqvG9KYQYZ9Pi:6IkHZPNEUDIbd2M/e0b+CD89KYLZg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1839b631347c6588ffd23d86d345e9759a333b286ffa54eaa79190a346229d9

Files

a1839b631347c6588ffd23d86d345e9759a333b286ffa54eaa79190a346229d9
.exe windows:4 windows x86 arch:x86

6ec3e0af9bd2249613fe42285c9d599b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetWindowsHookExA

gdi32

GetStockObject

comdlg32

GetSaveFileNameA

winspool.drv

EnumPrintersA

advapi32

RegSetValueA

shell32

ShellExecuteExA

comctl32

ImageList_AddMasked

oledlg

ord8

ole32

CoTaskMemAlloc

olepro32

ord253

oleaut32

SysAllocStringLen

odbc32

ord10

wsock32

closesocket

wininet

InternetGetLastResponseInfoA

imm32

ImmAssociateContext

Sections

.text
Size: 1.2MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE