f8031c2cbb62b3880fe11226f9c740ae | Triage

Sharing

General

Target

f8031c2cbb62b3880fe11226f9c740ae
Size

292KB
MD5

f8031c2cbb62b3880fe11226f9c740ae
SHA1

1455e891cf4a78f0b9249a57401a863fa50fef38
SHA256

2a600e2745ffaf36efcc23c0f2368108804a074dbc67a00c8f9c65ea684d9ad8
SHA512

71be02b6f8e0b0dc0e26c623ba8588a73455f549230b19d503462a012605804f96515d1b6ab65a33db0eea577b2ed5d0ed01ada5ce9d827f45744f54c2ed46b6
SSDEEP

6144:W3kUSskJ+NtPuhmGU0zDFLXZGMg2u9WEY+QvofwvR5M:W0USavyZtLXUMl+mUwTM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8031c2cbb62b3880fe11226f9c740ae

Files

f8031c2cbb62b3880fe11226f9c740ae
.exe windows:4 windows x86 arch:x86

4db79acdb13982f9b81622278989deb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamOut

ws2_32

socket

user32

GetActiveWindow

gdi32

Escape

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

SHChangeNotify

ole32

CLSIDFromProgID

oleaut32

VariantChangeType

comctl32

ord17

comdlg32

ChooseColorA

Sections

.text
Size: 281KB - Virtual size: 944KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE