164899f16a0a1532a7ca675ed8080fb9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

164899f16a0a1532a7ca675ed8080fb9
Size

122KB
MD5

164899f16a0a1532a7ca675ed8080fb9
SHA1

af65a3005c6161523162ded28fa557345909ada6
SHA256

eb100a0717e435b2ff964cdb9d6d2f70466530fa3b983e0fa4dbe19cc58aa637
SHA512

dc6c7dbc643b343f4901d076a92e25feb668e3cfb00c9402f6ec87cb8b0d4d690054460a4db514111dc907e3cff0804bc90abe954bde9cb3bc2c67347f5cbe25
SSDEEP

3072:5Bhu2dzPrlWfNvXUgbIPpUIOwny8+CkiOFQBASlssS:5OYPpWf9/6qIpnV+nF8pU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
164899f16a0a1532a7ca675ed8080fb9

Files

164899f16a0a1532a7ca675ed8080fb9
.exe windows:4 windows x86 arch:x86

a0fd3d8a60913e52f7411781ffa183f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msvfw32

MCIWndCreateA

crtdll

signal
memset

user32

ChildWindowFromPoint
CallNextHookEx
EnumThreadWindows
DrawIcon
ClientToScreen
DefMDIChildProcA
EnableMenuItem
GetMenuState
CreateMenu
FrameRect
ExitWindowsEx
DrawStateA
GetFocus
GetClipboardFormatNameA
GetScrollRange
GetDlgItemInt
EmptyClipboard
DestroyMenu
GetLastActivePopup
MapWindowPoints
EnableScrollBar
GetWindowRect
GetParent
SystemParametersInfoA
GetSystemMetrics
InsertMenuItemA
GetWindowTextLengthW
ToUnicode
IntersectRect
GetUserObjectSecurity
ShowWindowAsync
RemoveMenu
ShowScrollBar
WaitMessage
WindowFromPoint
SetScrollInfo
IsWindowEnabled
MessageBoxA
SetUserObjectSecurity
UnhookWindowsHookEx

winspool.drv

DocumentPropertiesA
EnumPrintersA

Sections

CODE
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE