Static task
static1
Behavioral task
behavioral1
Sample
07bbcef0e5853c96d1fc0f0beab5f42c.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
07bbcef0e5853c96d1fc0f0beab5f42c.exe
Resource
win10v2004-20231215-en
General
Target
07bbcef0e5853c96d1fc0f0beab5f42c
Size
124KB
MD5
07bbcef0e5853c96d1fc0f0beab5f42c
SHA1
547bfe889f5e3b96aba97b79f0b0780407b83a32
SHA256
d3ba82618b3527724f29e835c333807e9d72e51839990c6e95e072825cf99150
SHA512
c3fd75153816c5acbd2f4513b8e2ce4a36807128f9c85917847d7afe4388c6edef6e9ec5e37fb21d24f1af1cade4ac1f99de596818537f94253f0a08b140c1a6
SSDEEP
3072:9SxUJuKvONa6LcD/kN6zO9TYVbfMfvw5UaC2P:8CJWHi/vzOBEbUf4H
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 07bbcef0e5853c96d1fc0f0beab5f42c
Files
07bbcef0e5853c96d1fc0f0beab5f42c.exe windows:5 windows x86 arch:x86
9950763f1f076fc4932f4546c63f9137
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoInstall
oleaut32
VarDateFromI4
VarR8FromUI1
VarBoolFromDisp
VarBoolFromUI4
VarCyFromBool
urlmon
HlinkNavigateMoniker
MkParseDisplayNameEx
shlwapi
StrChrIA
StrRChrA
shell32
SHBrowseForFolder
winspool.drv
SplDriverUnloadComplete
DeletePrinter
WaitForPrinterChange
PrinterMessageBoxW
AddMonitorW
DeletePrinterDriverExA
EnumMonitorsA
DeleteFormW
dbghelp
SymUnloadModule
wsnmp32
ord602
ord604
ord220
comdlg32
PrintDlgExW
GetOpenFileNameA
ChooseFontW
FindTextA
PrintDlgW
GetFileTitleW
ChooseColorA
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1008B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ