Static task
static1
Behavioral task
behavioral1
Sample
2dede257e1351a13b2e655f56bbc784f.exe
Resource
win7-20231215-en
General
Target
2dede257e1351a13b2e655f56bbc784f
Size
385KB
MD5
2dede257e1351a13b2e655f56bbc784f
SHA1
dd094ac089a02326d88ad65ec1ceb8fefec76070
SHA256
ba06ca0934d884deac6d18d74c830b913357d70a6c9706caae75e6aac5b830e9
SHA512
8bb674223d94e5202960ced249e5a0c73e6b00761577a25f27d346ca0afa1fb12626ae79bba14fc0d8061088c972881706a261581a8771bc7e9d5c82aab74ead
SSDEEP
12288:PgDQYqfXtA65AxQ2LTnyC1iOnA6OprdDO:okYqPi6qZTDFA9DO
Malware Config
Signatures
Unsigned PE (1 IoC)
The PE file carries no Authenticode signature, so its publisher and integrity cannot be verified from a signature.
resource 2dede257e1351a13b2e655f56bbc784f
Files
2dede257e1351a13b2e655f56bbc784f.exe windows:4 windows x86 arch:x86
aae73b7675bdc323442f02d62bb383ce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
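Imports
Note: only one function is listed per DLL. Together with the .MPRESS1/.MPRESS2 sections listed below, this suggests the static import table belongs to a packer stub, so it likely under-represents the APIs the unpacked code uses; rely on the behavioral task for actual API activity.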
kernel32
GetModuleHandleA
GetProcAddress
user32
GetDC
gdi32
PatBlt
winmm
waveOutOpen
winspool.drv
ClosePrinter
advapi32
RegCloseKey
shell32
ShellExecuteA
ole32
OleRun
oleaut32
VariantCopy
comctl32
ord17
ws2_32
sendto
comdlg32
ChooseColorA
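Sections
Note: the .MPRESS1/.MPRESS2 section names match the naming used by the MPRESS packer. Both sections are readable, writable and executable, and .MPRESS1 has a virtual size (1.4MB) far larger than its size on disk (361KB), which is consistent with code being unpacked in memory at run time.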
.MPRESS1 Size: 361KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE