dfca873d786321ce804a408a2ea082e91b0a8b6f68a3f5093b1d22b1eddeff1e[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfca873d786321ce804a408a2ea082e91b0a8b6f68a3f5093b1d22b1eddeff1e.exe
Size

48KB
MD5

aadb2a92942d56c14b5c3aa96095e25b
SHA1

a45e14c8359e3d8b75ab8fd18b69e26bb188b94b
SHA256

dfca873d786321ce804a408a2ea082e91b0a8b6f68a3f5093b1d22b1eddeff1e
SHA512

3aa1495bca7241b55ccfac31fc0953c7c51ef3517b53f8076c3bbcdffe1483a09e0db6d00cf265dd42eb3b4da21dfca159f5cd4210b48c9e3dd2a3e733830ca3
SSDEEP

768:wOISxQt2iBMWPpT9M2PqP8kxOzwUw+tNOugk5MN9otbe01Fu7D1:wOB28iBnxTBiPoNlzgmMjo1xW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfca873d786321ce804a408a2ea082e91b0a8b6f68a3f5093b1d22b1eddeff1e.exe

Files

dfca873d786321ce804a408a2ea082e91b0a8b6f68a3f5093b1d22b1eddeff1e.exe
.exe windows:4 windows x86 arch:x86

b5466730ab0d7447f086847f6eee58a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

advapi32

RegCloseKey

comctl32

ord17

gdi32

SaveDC

winspool.drv

OpenPrinterA

shell32

DragFinish

Sections

.MPRESS1
Size: 43KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE