11bc73202418dad5d210c9122ce0a2ad2fab662abe6fc1552b1e979c0b62c9fe

Sharing

Copy URL Twitter E-mail

General

Target

11bc73202418dad5d210c9122ce0a2ad2fab662abe6fc1552b1e979c0b62c9fe
Size

1.3MB
MD5

00c37cc8a23cbe487b2280137bb55e82
SHA1

a1078f748a804b6810a5d552554431f6bc70bc13
SHA256

11bc73202418dad5d210c9122ce0a2ad2fab662abe6fc1552b1e979c0b62c9fe
SHA512

05f48e682b998f772c507216040c1870c5fce24ccc5632edf6fe625cbeea9f4531549c95066abec48e9e951487044cf7c740750cb7d5578ecfeb11b1533a7254
SSDEEP

24576:BY6vFjG1JJg0gFcHh6bpg5+eCix1y0NEsvHHA7dH+X:BnIuTcHMpgNx1y0NrHHA78X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11bc73202418dad5d210c9122ce0a2ad2fab662abe6fc1552b1e979c0b62c9fe

Files

11bc73202418dad5d210c9122ce0a2ad2fab662abe6fc1552b1e979c0b62c9fe
.exe windows x86

aefdd6afcd1e99cd3fdcd3cb19a8dbe9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
lstrlenA
lstrcpyA
WriteFile
VirtualFree
VirtualAlloc
UnlockFile
Sleep
SetUnhandledExceptionFilter
SetThreadContext
SetHandleCount
SetFilePointer
SetFileAttributesA
SetErrorMode
SetCurrentDirectoryA
SetConsoleCtrlHandler
ReadFile
MulDiv
MoveFileA
LockFile
HeapFree
HeapCreate
HeapAlloc
GlobalMemoryStatus
GetVersionExA
GetTimeZoneInformation
GetThreadContext
GetStdHandle
GetProcessHeap
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
GetLastError
GetFileType
GetFileSize
GetDiskFreeSpaceExA
GetCurrentThread
GetCurrentProcess
GetCurrentDirectoryA
GetCommandLineA
FlushFileBuffers
FindNextFileA
FindFirstFileA
FileTimeToSystemTime
ExitProcess
DuplicateHandle
DeleteFileA
CreateFileA
CreateDirectoryA
CopyFileA
CloseHandle

gdi32

TextOutW
TextOutA
StartPage
StartDocA
SetTextColor
SetMapMode
SetBkColor
SelectObject
GetTextMetricsA
GetDeviceCaps
EndPage
EndDoc
DeleteObject
DeleteDC
CreateSolidBrush
CreateFontIndirectA
CreateFontA
CreateDCA

user32

ValidateRect
TranslateMessage
TrackPopupMenuEx
SystemParametersInfoA
ShowWindow
ShowCaret
SetFocus
SetCaretPos
SendMessageA
RegisterClassExA
PeekMessageA
MessageBoxW
MessageBoxExA
MessageBoxA
MessageBeep
LoadIconA
LoadCursorA
InvalidateRect
InsertMenuItemA
HideCaret
GetSystemMetrics
GetSysColor
GetKeyState
GetDC
EndPaint
DispatchMessageA
DestroyWindow
DestroyMenu
DefWindowProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateCaret
BeginPaint
AppendMenuW
AppendMenuA

winspool.drv

OpenPrinterA
EnumPrintersA
DocumentPropertiesA

Sections

.text
Size: 550KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 284KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aefdd6afcd1e99cd3fdcd3cb19a8dbe9

Headers

File Characteristics

Imports

kernel32

gdi32

user32

winspool.drv

Sections

.text Size: 550KB - Virtual size: 552KB

.data Size: 212KB - Virtual size: 212KB

.bss Size: - Virtual size: 284KB

.idata Size: 3KB - Virtual size: 4KB

.reloc Size: 43KB - Virtual size: 44KB

.debug Size: 512B - Virtual size: 4KB

.text
Size: 550KB - Virtual size: 552KB

.data
Size: 212KB - Virtual size: 212KB

.bss
Size: - Virtual size: 284KB

.idata
Size: 3KB - Virtual size: 4KB

.reloc
Size: 43KB - Virtual size: 44KB

.debug
Size: 512B - Virtual size: 4KB