8b53dd90db11c0f625b5184ed4fbd01982a4545aced059feb64d9222e8f4f916

Sharing

Copy URL Twitter E-mail

General

Target

8b53dd90db11c0f625b5184ed4fbd01982a4545aced059feb64d9222e8f4f916
Size

86KB
MD5

6a83d3a21fc5fdf5b1f631f02784aae4
SHA1

c7a49a3fe7b0db49bba9fa9b6e4886b92128e4d4
SHA256

8b53dd90db11c0f625b5184ed4fbd01982a4545aced059feb64d9222e8f4f916
SHA512

6c2154c5c4490e65a8fecda70e71a92df854760dbf21a2cf5b2c3e6d4a13ded7d246388af72ea78d9fa163fb9006f90c65ea4dd453139b556a6d335f094f3f35
SSDEEP

1536:sxYRMeS2biqeKzSRW7+BwipFwYXcV6scTQl+sWjcdfZ3MzIMjez:sxAb9KW7vVUQlhfZ3MzIMjez

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b53dd90db11c0f625b5184ed4fbd01982a4545aced059feb64d9222e8f4f916

Files

8b53dd90db11c0f625b5184ed4fbd01982a4545aced059feb64d9222e8f4f916
.dll windows:6 windows x86

1a4c73afbe86a05487bc6e3fe783152f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winspool.drv

ClosePrinter

user32

SendMessageW
EndDialog
MessageBoxW
GetDlgItem
SetFocus
SetDlgItemTextW
GetDlgItemTextW
SetWindowTextW
GetWindowTextW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW

kernel32

LCMapStringW
HeapSize
OutputDebugStringW
WriteConsoleW
SetStdHandle
HeapReAlloc
LoadLibraryExW
GetModuleFileNameW
EnterCriticalSection
GetLastError
LeaveCriticalSection
SetLastError
GetProcessHeap
HeapAlloc
HeapFree
FlushFileBuffers
CreateFileW
GetFileType
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
GetStringTypeW
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
CloseHandle
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
RtlUnwind
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

Exports

Exports

InitializePrintMonitorUI

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a4c73afbe86a05487bc6e3fe783152f

Headers

DLL Characteristics

File Characteristics

Imports

winspool.drv

user32

shell32

kernel32

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 496B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 496B

.reloc
Size: 4KB - Virtual size: 3KB