Static task
static1
Behavioral task
behavioral1
Sample
25405c6c2efe864ff55c417016129881.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
25405c6c2efe864ff55c417016129881.exe
Resource
win10v2004-20231222-en
General
-
Target
25405c6c2efe864ff55c417016129881
-
Size
1.6MB
-
MD5
25405c6c2efe864ff55c417016129881
-
SHA1
b160d5bbfd52bc7a940d3308259863979173108a
-
SHA256
e9ac1f33c62f2d97724f6584562c24fc14a3bea2401266d4932f904ef77738d1
-
SHA512
0859158534c7729f781e6065494db492a13a2433f14ff18f255780ac4cf0db210bccc5f8a812d031f4b4fe329759eab0c2fca0fb3c7750e59543a04d6eefbb7a
-
SSDEEP
24576:zv2yAWqrZtPuLol4UqI70Yez5VEHYLgVZGCriaRU9nIlGyCMZqHe2Z:7gzPdSUqI7VQQHegVBrjW9nxG92
Malware Config
Signatures
-
Unsigned PE 1 IoCs
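Flags PE files that carry no Authenticode signature; for an unsigned binary, the publisher and file integrity cannot be verified from the file itself.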
resource 25405c6c2efe864ff55c417016129881
Files
-
25405c6c2efe864ff55c417016129881.exe windows:4 windows x86 arch:x86
402535fac4effe881661e731f26d3817
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
user32
GetDC
gdi32
PatBlt
winmm
waveOutOpen
winspool.drv
ClosePrinter
advapi32
RegCloseKey
shell32
DragFinish
ole32
OleRun
oleaut32
VariantClear
comctl32
ord17
oledlg
ord8
ws2_32
inet_ntoa
comdlg32
ChooseColorA
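Sections
Note: the .MPRESS1/.MPRESS2 section names are typical of the MPRESS packer. The sections are also writable and executable, and each DLL lists a single import. The headers and imports shown here therefore likely describe the packed file and its loader stub, not the unpacked payload.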
.MPRESS1 Size: 1.3MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 295KB - Virtual size: 294KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE