135aa0c92e37a8d8483004913b18b70f | Triage

Sharing

General

Target

135aa0c92e37a8d8483004913b18b70f
Size

145KB
MD5

135aa0c92e37a8d8483004913b18b70f
SHA1

c844d2fed18bb518adc3d3098f3d6d52af9771d5
SHA256

e944739ffe0b6d63dade02ae69543fb8169bfd5302b1235ce7f2e5022b98997c
SHA512

04677ecd801de8814e302ded6cc28aa328b957c19dc5c327992ead5cb82f3f4897f000f955b8a7a4f8b11db42bdee6a6eb885d7be2cfcf109c6bd036d209c2b3
SSDEEP

3072:GP5GwX1aVgPuBF8ZxakvbLrzb1LHecKZ2IUezBb+/XCKrd/:cSVSImKkvrzb1LHeJ2IXb2CKr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
135aa0c92e37a8d8483004913b18b70f

Files

135aa0c92e37a8d8483004913b18b70f
.exe windows:1 windows x86 arch:x86

cd3e1b48018676472479168a72a16d24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVolumePathNamesForVolumeNameA
FillConsoleOutputAttribute
WriteConsoleOutputAttribute
VirtualAlloc
UpdateResourceA
lstrcpy
SetThreadPriority
AllocConsole
LoadResource
SetConsoleOutputCP
GetCPInfo
FindNextChangeNotification
EnumSystemLocalesA

winspool.drv

DeletePrinterDriverA

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 86KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ