Static task: static1
Behavioral task: behavioral1
Sample: 422acde6a2b4426d58a771f30c16e7b6.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 422acde6a2b4426d58a771f30c16e7b6.exe
Resource: win10v2004-20231215-en
General
Target: 422acde6a2b4426d58a771f30c16e7b6
Size: 535KB
MD5: 422acde6a2b4426d58a771f30c16e7b6
SHA1: 7dcb10f9d07bfc01a08dfd2095a572bb68ec8ada
SHA256: cf2e245e08cff7711a1e3552866c8074c6ecadda0590894f670bf8dcdac89758
SHA512: 27bfe866b1fff53301f181fbec496ffd5a1389155a3f3082ce7546b58718bbc17fcb7e62e0e740553db8d6c5e001ca18b7b6ecd617d36ffab6cb0c53443df479
SSDEEP: 3072:P5omrPkounIsYRhcGMzLETecOzDhy2xRGz6D6klfNIQXZSKYXwo1aE:SmrPkndhxL6OU+R96kPXXZtYXwo
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 422acde6a2b4426d58a771f30c16e7b6
Files
422acde6a2b4426d58a771f30c16e7b6.exe windows:4 windows x86 arch:x86
796b10f599be0ee9dcf6cd6f77a3794c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  LoadLibraryA
  GetProcAddress
  VirtualAlloc
  VirtualFree
  ExitProcess
user32
  DrawTextExA
gdi32
  AddFontResourceA
comdlg32
  GetSaveFileNameA
advapi32
  RegOpenKeyExA
shell32
  ShellExecuteA
ole32
  CoCreateInstance
comctl32
  ord17
Sections
pec1 Size: 22KB - Virtual size: 56KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 49KB - Virtual size: 96KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.pec Size: 4KB - Virtual size: 12KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 459KB - Virtual size: 480KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE