b23cb07410639298a3fbdd3d04872c97732c1949968903feabc9d6f8d6439af2 | Triage

Sharing

General

Target

b23cb07410639298a3fbdd3d04872c97732c1949968903feabc9d6f8d6439af2
Size

14.0MB
MD5

07c12f253c2eb528a7ce50a45459b56d
SHA1

f26bd6e51fe41a1dbf5e25a0b5e7131f2cc2fe64
SHA256

b23cb07410639298a3fbdd3d04872c97732c1949968903feabc9d6f8d6439af2
SHA512

e9fd384857a4b5b85415087479d76e1681104440de2f5ab0b381e1e2f9487e455fbe511c657abf6ab9e8d1c29916ebe80531b1df6fea62ee619040778ba8a9f0
SSDEEP

196608:bOLauYdxpOWdSOE2phiZ0/wONHLDrd6TYPQo8V+8Cs6cpqVVymDdh+yESGIqDMaL:CLBYdS6SUhQcwALDMXnIVnECatIZW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
b23cb07410639298a3fbdd3d04872c97732c1949968903feabc9d6f8d6439af2

Files

b23cb07410639298a3fbdd3d04872c97732c1949968903feabc9d6f8d6439af2
.exe windows:4 windows x86 arch:x86

1a0aa2ddc09ff7b2d425012d15cb041d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

winmm

waveOutOpen

ws2_32

WSACleanup

version

VerQueryValueA

user32

GetDC

gdi32

Pie

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

DragFinish

ole32

OleRun

oleaut32

UnRegisterTypeLi

comctl32

ord17

comdlg32

ChooseFontA

Sections

.MPRESS1
Size: 13.8MB - Virtual size: 35.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE