14e36646eda0daa6e48e86e418db01fb

General

Target

14e36646eda0daa6e48e86e418db01fb
Size

336KB
MD5

14e36646eda0daa6e48e86e418db01fb
SHA1

75bc4beb98fc3a40f4492c636de1ca0f8d51b679
SHA256

9adde4ac7cbe226ffbf33de7a0a8a2aab9f7d0103e0c643f53d327978a549d7b
SHA512

1d802425b64e89c0d1ca5d60b439b1b2559a78f3cb6e2ced9f94612f27ada604e5f6fae3dca3349c5db32fd23f9d74b723c482efa73eab036041ed0186508935
SSDEEP

6144:Bnhm1RKAs31+GywjoW4AU7a14twAPHIidz2CqI3abz86stTdAuChgRyN3jjf:riRHs3oGgWk7y4P3dKCq80poAuChgRyF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e36646eda0daa6e48e86e418db01fb

Files

14e36646eda0daa6e48e86e418db01fb
.exe windows:4 windows x86 arch:x86

bcb64068af1ee165c26eb17880fcb915

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ChildWindowFromPointEx
EnumWindows
CreateDialogParamA
MessageBoxA
EnumThreadWindows
AnyPopup
DefDlgProcA
CreateDialogIndirectParamA
ShowWindowAsync
SetWindowPlacement

advapi32

RegCreateKeyExA
RegRestoreKeyA
RegOverridePredefKey
RegUnLoadKeyA
RegSaveKeyA
RegCreateKeyA
RegSetValueExA
RegConnectRegistryA
RegSetValueA

kernel32

GetCurrentProcessId
DeleteFileA
GetHandleInformation
GetCommandLineA
GetStartupInfoA
GetComputerNameA
GetCurrentProcess
GetModuleHandleA
SetHandleInformation
VirtualAlloc
WritePrivateProfileStructA
GetPrivateProfileStructA
GetProcAddress
GetCurrentThreadId
GetLastError
GetTickCount
GetVersion

winspool.drv

AddPrinterA
ClosePrinter
DeleteFormA
ConfigurePortA
AdvancedDocumentPropertiesA
DeletePrinterConnectionA
ConnectToPrinterDlg
DeletePrinterKeyA
AddPrinterConnectionA
AddJobA
DeletePrinterDataA

msvcrt

_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_initterm
_except_handler3
__set_app_type

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kuat
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcb64068af1ee165c26eb17880fcb915

Headers

File Characteristics

Imports

user32

advapi32

kernel32

winspool.drv

msvcrt

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 312KB - Virtual size: 312KB

.data Size: 512B - Virtual size: 100KB

.kuat Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 312KB - Virtual size: 312KB

.data
Size: 512B - Virtual size: 100KB

.kuat
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB