9ddd2ec5eeabb27fea70846b45fa4827480cc01659256a21925b6e90c8fec4fe

Sharing

Copy URL Twitter E-mail

General

Target

9ddd2ec5eeabb27fea70846b45fa4827480cc01659256a21925b6e90c8fec4fe
Size

277KB
MD5

28e94df247293b8515cb18ee1286611d
SHA1

40d1cbeee7386e13b1141fca31636c6df72cc38d
SHA256

9ddd2ec5eeabb27fea70846b45fa4827480cc01659256a21925b6e90c8fec4fe
SHA512

2023eab518d0a48c3846fcbc95bb5ea7312801248b862cc3aa40502d46b07bd751ff5ff6dbb6257eb39f8f8e68b234a449d083c17731474a651d317e0766f41a
SSDEEP

6144:b4grCvH9dXtc5SxXqoW5Da4yAvVZESA2W4m0LB1p+/DzHZc0:Tq9VHW5enIZE2Bm0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ddd2ec5eeabb27fea70846b45fa4827480cc01659256a21925b6e90c8fec4fe

Files

9ddd2ec5eeabb27fea70846b45fa4827480cc01659256a21925b6e90c8fec4fe
.exe windows:5 windows x86

2c53967befa0783a5e9e6711ad3d3d55

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
Sleep
GetModuleFileNameA
GetProcAddress
GetSystemInfo
GetVersionExW
GetFullPathNameW
CopyFileW
WaitForSingleObject
CreateProcessW
FindNextFileW
FindFirstFileW
GetSystemDirectoryW
SetEndOfFile
CreateFileW
CreateFileA
WriteConsoleW
GetConsoleOutputCP
GetSystemDefaultLangID
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointer
ReadFile
GetStartupInfoA
FindResourceW
SetHandleCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
lstrcmpiW
WriteConsoleA
LoadLibraryExW
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
CloseHandle
ExitProcess
HeapCreate
HeapSize
HeapReAlloc
TlsFree
TlsSetValue
TlsAlloc
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
InitializeCriticalSection
GetLastError
lstrlenW
GetModuleFileNameW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
FlushInstructionCache
SetLastError
GetCurrentThreadId
RaiseException
DeleteCriticalSection
TlsGetValue
GetStdHandle
WriteFile
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
LoadLibraryW
GetFileType
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange

user32

DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
ShowWindow
IsDialogMessageW
SetWindowTextW
SendMessageW
EnableWindow
GetDlgItem
GetSystemMetrics
GetClientRect
SetWindowPos
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetWindowLongW
GetWindowRect
GetWindow
GetParent
UnregisterClassA
LoadImageW
SetDlgItemTextW
PostQuitMessage
DefWindowProcW
DestroyWindow
EndDialog
GetWindowTextW
wsprintfW
MessageBoxW
CharNextW
SetWindowLongW
CreateDialogParamW

gdi32

CreateSolidBrush
DeleteObject

winspool.drv

EnumPortsW
ClosePrinter
XcvDataW
OpenPrinterW
GetPrinterDriverDirectoryW
EnumPrintersW
AddPrinterDriverW
ord204
AddPrinterW
GetPrinterW
EnumJobsW
EnumFormsW
DeletePrinterConnectionW
DeleteFormW
DeletePrinter
DeletePrinterDriverExW
EnumPrinterDriversW

advapi32

OpenServiceA
RegDeleteValueW
OpenSCManagerA
QueryServiceStatus
ControlService
StartServiceA
CloseServiceHandle
RegCreateKeyExA
RegEnumKeyExA
RegQueryValueExA
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW

ole32

CoCreateInstance
CoTaskMemRealloc
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsW
StrStrIW

comctl32

InitCommonControlsEx

setupapi

CM_Locate_DevNodeW
SetupDiGetClassDevsW
CM_Reenumerate_DevNode
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoW
SetupDiSetDeviceRegistryPropertyW
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiDestroyDeviceInfoList
SetupDiGetINFClassW

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 1021KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c53967befa0783a5e9e6711ad3d3d55

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

shlwapi

comctl32

setupapi

newdev

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 18KB - Virtual size: 1021KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 18KB - Virtual size: 1021KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 14KB - Virtual size: 13KB