70843d057290244260ef7eda72f43bf8 | Triage

Sharing

General

Target

70843d057290244260ef7eda72f43bf8
Size

295KB
MD5

70843d057290244260ef7eda72f43bf8
SHA1

8047a784e02600acd335004176a7edb90582291a
SHA256

54c323daea70a2edd12372cd5b1342534b35dd56734b9dbbc7b7fab7e467ae92
SHA512

eda3be2c6b0f7e4d73e81117f1ea4262a2a6fe830c5091c7537bce0d09e29de6c534f29733c658502ae9b2ca92c846aae6a155c87c994b65296098977e503ad2
SSDEEP

6144:rR52N2ScXGtlaMfuuxNQrEhUMuYmsuhlF5i40wxR+zfGGI5Mnp+Ht:tXza0M2XrEhgYmhPF5JTxRL5MUHt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70843d057290244260ef7eda72f43bf8

Files

70843d057290244260ef7eda72f43bf8
.exe windows:4 windows x86 arch:x86

836aefcb64c72b185e9d69891e07c1d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

GetFileSecurityW

user32

GetKeyState

gdi32

SetBkColor

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW

ole32

CoTaskMemFree

oleaut32

SysAllocStringLen

shell32

DragFinish

winspool.drv

ClosePrinter

Sections

.text
Size: 281KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE