069d57a4b12ec5a049932301440d0cfe9cc7101f877d44639d5b9ff48fe066f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

069d57a4b12ec5a049932301440d0cfe9cc7101f877d44639d5b9ff48fe066f5
Size

7.3MB
MD5

81a3c9535bd214f8eeade974ff798292
SHA1

d40e0d20c3e92c7f3492c505dd3e5bbb0322e1f8
SHA256

069d57a4b12ec5a049932301440d0cfe9cc7101f877d44639d5b9ff48fe066f5
SHA512

b07c9159e07fe9d6177ffa6ad04aa0c02b56d9ddd8b4adb433eb35929f8587a0ee09834f83904fcd3a3a13e815db025c3b2d6beea4f2cffb2dd048adea748d38
SSDEEP

196608:URie+65idRGzRE+3IIhtHUJt6VTHP4ob2MINTnLW:URK65mU7HUr6VTHgY8ni

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
069d57a4b12ec5a049932301440d0cfe9cc7101f877d44639d5b9ff48fe066f5

Files

069d57a4b12ec5a049932301440d0cfe9cc7101f877d44639d5b9ff48fe066f5
.exe windows:5 windows x86 arch:x86

e4d532a13f147a1cc0fc4b48a8028567

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyNameTextA

gdi32

SetTextAlign

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueA

shell32

ExtractIconA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA

oledlg

ord8

ole32

OleSetClipboard

oleaut32

VariantChangeType

oleacc

LresultFromObject

Sections

.text
Size: 7.3MB - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE