ece845b9ad022dd6ef477b45d4d3a94cba1ffd8a37d83225086411b7c1ab2ee2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ece845b9ad022dd6ef477b45d4d3a94cba1ffd8a37d83225086411b7c1ab2ee2
Size

477KB
MD5

3b2522ff3c8d35922da5b95968b46898
SHA1

cf055c4b0a7c42e9674f5b2b68b5b9a01f02676a
SHA256

ece845b9ad022dd6ef477b45d4d3a94cba1ffd8a37d83225086411b7c1ab2ee2
SHA512

601b01c58c0148e10f690603ecd56b5aae41def6b95084cd9847e0636a57a5c884b2c944c046b7a83ee8aebad2cb8a49b731bcb8ef9d4b81fef6cdd4e2ee544a
SSDEEP

12288:qBI2jSlHwhGpwU3JDC7M4PQ0CGN/tXC7T4:qq2WlQhuwU3J+Y47CGN/ty7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ece845b9ad022dd6ef477b45d4d3a94cba1ffd8a37d83225086411b7c1ab2ee2

Files

ece845b9ad022dd6ef477b45d4d3a94cba1ffd8a37d83225086411b7c1ab2ee2
.exe windows:4 windows x86 arch:x86

4ed1ce12d77364caced840f19c4ce3d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamOut

ws2_32

socket

user32

GetMessagePos

gdi32

GetViewportExtEx

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

Shell_NotifyIconA

ole32

OleRun

oleaut32

LoadTypeLi

comctl32

ImageList_GetIcon

comdlg32

ChooseColorA

Sections

.text
Size: 460KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE