Static task
static1
Behavioral task
behavioral1
Sample
9e429afe079ccbd6da0e7620dae46d189d9277352924f40223b1ba9f1dab3dc6.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
9e429afe079ccbd6da0e7620dae46d189d9277352924f40223b1ba9f1dab3dc6.exe
Resource
win10v2004-20240426-en
General
-
Target
9e429afe079ccbd6da0e7620dae46d189d9277352924f40223b1ba9f1dab3dc6
-
Size
284KB
-
MD5
b4097175463e24008128741c389d0902
-
SHA1
565ce70cf9ec1331fa53873ab79be384d0bdcdd8
-
SHA256
9e429afe079ccbd6da0e7620dae46d189d9277352924f40223b1ba9f1dab3dc6
-
SHA512
71ab5553b311d42b68ebc3886711614f626a8bc53551fb6f715b7f236183f0a1d8cd57d1fec0aa8a731f4c1f5f897aecbd09ec8cbf5a6385fdaacf5d0d109bce
-
SSDEEP
6144:n+CgqEiZWTNPRK5EAbmgUdDZx9gohTJc/gtY3Xi50lFtizg3Oj:5g/iZWTNXPgcvmYc/w0lFtizg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
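Checks for a missing Authenticode signature; this sample is unsigned. On its own this is a weak indicator, since many legitimate binaries are also unsigned, so weigh it together with the other findings.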
resource 9e429afe079ccbd6da0e7620dae46d189d9277352924f40223b1ba9f1dab3dc6
Files
-
9e429afe079ccbd6da0e7620dae46d189d9277352924f40223b1ba9f1dab3dc6.exe windows:5 windows x86 arch:x86
ee584199a5fe8e0a209ea4721e507b6c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
nkvshook
InjectDll
user32
SetCapture
gdi32
GetViewportExtEx
msimg32
GradientFill
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
advapi32
RegSetValueExW
shell32
SHGetMalloc
comctl32
_TrackMouseEvent
shlwapi
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoRevokeClassObject
oleaut32
VarDateFromStr
version
VerQueryValueW
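Sections
Note: .text has a virtual size (832KB) more than three times its raw size (247KB), and both .text and .rsrc are marked writable and executable. This layout is consistent with a packed image that unpacks itself in memory, so the static import list above may not reflect the payload's real API use.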
.text Size: 247KB - Virtual size: 832KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 35KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE