2f09a1e078cc406ca5586251d306363fa33af00360cbeeb78ba04ef9a7c44db0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f09a1e078cc406ca5586251d306363fa33af00360cbeeb78ba04ef9a7c44db0
Size

2.9MB
MD5

40ddf4804125d4315df3ddefbdbfea8a
SHA1

011b54b9d761e12edccea53b4b6c559ee3eb7155
SHA256

2f09a1e078cc406ca5586251d306363fa33af00360cbeeb78ba04ef9a7c44db0
SHA512

33da4c7876b15686a5d32d5d777e1897512e03acfea51e22c31bb6cb458c4d372c2fcc46fd11098b6e68ce7740147bd662238c2d2afd77e26766ec3536a58d2b
SSDEEP

49152:NX4ezqHJY16DlxQwIfE0afd+4OwpKJc4nAbF1VbEbSAnpANeat:NoezQJP3IuAN7Jc4MhKpAP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f09a1e078cc406ca5586251d306363fa33af00360cbeeb78ba04ef9a7c44db0

Files

2f09a1e078cc406ca5586251d306363fa33af00360cbeeb78ba04ef9a7c44db0
.exe windows:4 windows x86 arch:x86

21c432fa67538f4fa2c575ad9ff5eefb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UpdateColors

version

VerQueryValueA

olepro32

OleLoadPicture

ole32

CreateStreamOnHGlobal

comctl32

_TrackMouseEvent

imm32

ImmSetCompositionWindow

shell32

ShellExecuteExA

winspool.drv

SetFormA

comdlg32

PrintDlgA

oleacc

LresultFromObject

winmm

sndPlaySoundA

setupapi

SetupDiDestroyDeviceInfoList

hid

HidD_FlushQueue

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 2.8MB - Virtual size: 11.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE