26d09355e28b6a7f1ba52b9f9cb0a0c5 | Triage

Sharing

General

Target

26d09355e28b6a7f1ba52b9f9cb0a0c5
Size

327KB
MD5

26d09355e28b6a7f1ba52b9f9cb0a0c5
SHA1

6f414d69154f071360e0935ed4eb99bdfb4f54fb
SHA256

a94419809316b05ccef53a806f49b2e116303cee88f1dceabcb7d905c2919164
SHA512

c2c95bba198580ed8a7d05cf2682c353f622158072014685e4e4d28728ef4464b2cb403445dbb48697e6d9ac01987aad3ee79d39dab2c816f09cc8443d4b9419
SSDEEP

6144:jQTIEePA82sLDycQr3kDqwWU2gvasGKLTzrvH5PVfiUb97qKblp:+IdPA0yr3kOXuysGKLTPfhQ87qKblp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26d09355e28b6a7f1ba52b9f9cb0a0c5

Files

26d09355e28b6a7f1ba52b9f9cb0a0c5
.exe windows:4 windows x86 arch:x86

f863b80cfb3243d68379c05d78fde511

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
GetComputerNameA
Sleep
GetExitCodeProcess
CreateMutexA
GetDriveTypeA
EnumResourceTypesA
GetCommandLineA
FreeConsole
SetLastError
GetModuleHandleA
FindClose
TlsGetValue
VirtualProtect
GetLastError
LoadLibraryExA
CloseHandle
GetTickCount
DeleteCriticalSection
GetDiskFreeSpaceExW

shell32

ShellAboutA
DllUnregisterServer
ExtractIconA
SHFree
DragAcceptFiles
SHGetMalloc
ShellMessageBoxA
DuplicateIcon
StrChrA
DragFinish
SHGetSettings
DragQueryFileA
SHGetDiskFreeSpaceA

printui

vPrinterPropPages
vQueueCreate
bPrinterSetup
bFolderGetPrinter
PnPInterface

user32

MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ