eac5ee5fc1e94219213f4f3ec4169e849e47a8abf259713589abd67a3f5e490a | Triage

Sharing

General

Target

eac5ee5fc1e94219213f4f3ec4169e849e47a8abf259713589abd67a3f5e490a
Size

1.6MB
MD5

a047755214bd55c4d4e709d053c8f8d6
SHA1

8bae7ccfffad437715f8c519e9bd9baabf034abb
SHA256

eac5ee5fc1e94219213f4f3ec4169e849e47a8abf259713589abd67a3f5e490a
SHA512

9e7cf2d6b4a93733510d2db8d7fc849f58071dc113cfd6bdf01ad109e83bec4fa6bd273db68b9bf9592d704f47f5faba9191836ff31ff85c4fb4f4df9e6ef308
SSDEEP

49152:C6QXQDnRZspd7WULzSrJ4NnzhABGBbcTGKr14lDGPL:CDuRZsHWUfSOZzmBYcTGKZQDGPL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eac5ee5fc1e94219213f4f3ec4169e849e47a8abf259713589abd67a3f5e490a

Files

eac5ee5fc1e94219213f4f3ec4169e849e47a8abf259713589abd67a3f5e490a
.exe windows:4 windows x86 arch:x86

8c7d7e87bb9572454f3bf5021fa51315

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

SetLastError

user32

GetMenu

gdi32

PtVisible

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

LoadTypeLi

comctl32

ord17

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 480KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ