58719757860773498631a149c926f7a2c3ff3ad73b7a351f85f3fb2b73bf5829 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58719757860773498631a149c926f7a2c3ff3ad73b7a351f85f3fb2b73bf5829
Size

377KB
MD5

b7695829826c5a752b55da8c4f45f85e
SHA1

2bbc0915eafe4df6dd938caa328d0e8dd851999c
SHA256

58719757860773498631a149c926f7a2c3ff3ad73b7a351f85f3fb2b73bf5829
SHA512

d092c710ca92e5af8dcbebfdb32a4bcd55bf5587f3a0158fcbd469ffbbe6bb45c0652f4033311e6b37797f6bf328f1f665f4ba9df2492652a483bfa80d08f201
SSDEEP

6144:vHMeC6l9BeOVHIUntpraIZVgCiLso3/Uf4F8zr6dOXVdJklLqtdTZaXYEFl0suPm:vsT6XBeMoUtpri51UfDrPt8XnX0UpX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58719757860773498631a149c926f7a2c3ff3ad73b7a351f85f3fb2b73bf5829

Files

58719757860773498631a149c926f7a2c3ff3ad73b7a351f85f3fb2b73bf5829
.exe windows:4 windows x86 arch:x86

aae73b7675bdc323442f02d62bb383ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

PatBlt

winmm

waveOutOpen

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleRun

oleaut32

VariantCopy

comctl32

ord17

ws2_32

sendto

comdlg32

ChooseColorA

Sections

.MPRESS1
Size: 364KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS1
.MPRESS2
.rsrc/0/GROUP_ICON/DEFAULT_ICON
.rsrc/0/ICON/3.ico
.rsrc/0/MANIFEST/1
.xml
.rsrc/2052/version.txt