048d54c1a6a319f18f0b22b32e7fca2c

Sharing

Copy URL

Twitter E-mail

General

Target

048d54c1a6a319f18f0b22b32e7fca2c
Size

160KB
MD5

048d54c1a6a319f18f0b22b32e7fca2c
SHA1

137a6cf05891d5f00c872654799ffb7febd93629
SHA256

55e446cc1b8ee62136334c848b0766c77d6fa3ef80c2af22be88e94ebd596733
SHA512

bb772880777350456d5eed5fb8c156cf375afba5f7efd9746df4f4ebf8b48b38600fc9795f50524213c83736bb569fd17fa79e8179ae4cf3fc26cdf372f144d9
SSDEEP

3072:SDhMRSq6qxneNMYc0b5nZBtiXtSbzV2GJc4:8caMY8SbzVvc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
048d54c1a6a319f18f0b22b32e7fca2c

Files

048d54c1a6a319f18f0b22b32e7fca2c
.exe windows:4 windows x86 arch:x86

1eded8b1b9c2bf7148513bed2f96cf69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
CreateFileA
GetModuleHandleA
GetDateFormatA
FindResourceA
SetSystemPowerState
FindNextFileA
GetCommandLineA
FindClose
FindFirstFileA
CreateDirectoryA
CopyFileW
ResetEvent
VirtualFree
VirtualProtect
VirtualAlloc
SetTapePosition
GetStringTypeA
GetLocalTime
LCMapStringA
MultiByteToWideChar
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
QueryPerformanceCounter
SetFileAttributesA
GetSystemTime
GetVolumeInformationA
RemoveDirectoryA
GetEnvironmentVariableA
GetShortPathNameA
CreateProcessA
LCMapStringW
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetVersion
GetLastError
CloseHandle
WriteFile
SetFilePointer
HeapDestroy
HeapCreate
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetStringTypeW

user32

SendMessageA
RegisterWindowMessageA
FindWindowA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA
EnumPrintersA

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA
ReplaceTextA
GetFileTitleA
ChooseFontA

ole32

OleUninitialize
CoRevokeClassObject
OleInitialize

comctl32

ImageList_Draw
ord17
ImageList_SetOverlayImage
DestroyPropertySheetPage
ImageList_Add
CreateToolbarEx
ord6
PropertySheetA

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1eded8b1b9c2bf7148513bed2f96cf69

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winspool.drv

comdlg32

ole32

comctl32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 52KB - Virtual size: 326KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 52KB - Virtual size: 326KB

.rsrc
Size: 4KB - Virtual size: 1KB