2f82a738a2a179ba42534a799969e286c9fdebd1ab4fdc20346954eb0d4df173

Sharing

Copy URL Twitter E-mail

General

Target

2f82a738a2a179ba42534a799969e286c9fdebd1ab4fdc20346954eb0d4df173
Size

8.8MB
MD5

112cc567d0a7837dabba5efbb684682c
SHA1

26750be2f0d0388d8ec3aad45682d078533ddc44
SHA256

2f82a738a2a179ba42534a799969e286c9fdebd1ab4fdc20346954eb0d4df173
SHA512

675370d6bfa44724a54f205c892f01734df72bb1d9eae315face96fc67598e263cb93b4ccd5d71840a456e5813a93f7f00e56b87a231d532991856679a61fcf2
SSDEEP

196608:xtdg/hRVl6ZzGN1ArFSyZMCkqMACb1B7prVebUAUFCEQHEAGQv:BgR4ZzGN1AOCkqMDb1frcbUAUFCEmNLv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f82a738a2a179ba42534a799969e286c9fdebd1ab4fdc20346954eb0d4df173

Files

2f82a738a2a179ba42534a799969e286c9fdebd1ab4fdc20346954eb0d4df173
.exe windows x86

56e4d34fe7b2e295e906aa349478022e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetVersionExA
GetVersion
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

UnregisterClassA
GetWindowTextLengthA

advapi32

RegCreateKeyExA
RegCreateKeyExA

gdi32

Escape
ExcludeClipRect

winspool.drv

OpenPrinterA
OpenPrinterA

comctl32

ord17
ImageList_Add

shlwapi

PathFileExistsA

gdiplus

GdipCreateSolidFill

ole32

CreateStreamOnHGlobal

imm32

ImmGetCompositionStringW

shell32

SHAppBarMessage
DragQueryFileA

winmm

PlaySoundA
waveOutClose

ws2_32

listen

oleaut32

UnRegisterTypeLi

comdlg32

GetFileTitleA

Sections

.text
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 831KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp0
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sp1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp2
Size: 8.7MB - Virtual size: 8.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56e4d34fe7b2e295e906aa349478022e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

winspool.drv

comctl32

shlwapi

gdiplus

ole32

imm32

shell32

winmm

ws2_32

oleaut32

comdlg32

Sections

.text Size: - Virtual size: 3.4MB

.rdata Size: - Virtual size: 5.6MB

.data Size: - Virtual size: 831KB

.sp0 Size: - Virtual size: 3.5MB

.sp1 Size: 4KB - Virtual size: 3KB

.sp2 Size: 8.7MB - Virtual size: 8.7MB

.rsrc Size: 140KB - Virtual size: 137KB

.text
Size: - Virtual size: 3.4MB

.rdata
Size: - Virtual size: 5.6MB

.data
Size: - Virtual size: 831KB

.sp0
Size: - Virtual size: 3.5MB

.sp1
Size: 4KB - Virtual size: 3KB

.sp2
Size: 8.7MB - Virtual size: 8.7MB

.rsrc
Size: 140KB - Virtual size: 137KB