f6e2b249ba3fecf27e64282c4c80922b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6e2b249ba3fecf27e64282c4c80922b
Size

484KB
MD5

f6e2b249ba3fecf27e64282c4c80922b
SHA1

4c7d77e55de91f89bf2e75eb15c4c3733719ec43
SHA256

4c839201fda5a25ba0cd3947c7a48c607c1d10c275f9bbe1b7012eed454919b8
SHA512

eb7d4d5ded74095c1de2c30475d12ca8152687e5e4259a6126df1311d33df944c557e90e065477be5840b90107dcd6a5128c7940c31ee8678e3cd9f957b0914d
SSDEEP

12288:YEairt10gwGzepATue2ayUnpyDMYKPFtItgARe:q0OgwG9Tu7IpYOvG7Re

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6e2b249ba3fecf27e64282c4c80922b

Files

f6e2b249ba3fecf27e64282c4c80922b
.exe windows:4 windows x86 arch:x86

1e0e29378e8dbeff3cde8664fe10848b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHInvokePrinterCommandA

oleaut32

CreateDispTypeInfo

kernel32

WriteProfileSectionW

user32

GetActiveWindow
GetShellWindow

Sections

.text
Size: 477KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE