1bccdd2d0a6317a4a96ae73e2f891905

Sharing

Copy URL Twitter E-mail

General

Target

1bccdd2d0a6317a4a96ae73e2f891905
Size

338KB
MD5

1bccdd2d0a6317a4a96ae73e2f891905
SHA1

3c94f0fe6e37d3bb73a4549917f5502b8ba0322e
SHA256

53cfcb30712cf74652ab471f4d72240628f2000128d2cc72bc11543dd96b8f39
SHA512

17515852246c11d91e556ed26c1634f0e0cd19e63d572e1d919b5b5665a8fa30ae6d894c0150492ceecc806b91b53e8f30d65dff522478fdbf4098ff04e43b3a
SSDEEP

6144:6UKd+Bq8arR6PT7P3GTvyvkJQac5fmp/ilIIhCEq3wGe+CaW5rc:rTT3GTvfJbh/osfsl5Rc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bccdd2d0a6317a4a96ae73e2f891905

Files

1bccdd2d0a6317a4a96ae73e2f891905
.exe windows:4 windows x86 arch:x86

69bdf18d9ed39bfb4cf740fd92ccbf04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClientRect
GetDlgItemTextA
DialogBoxParamA
SetParent
GetDlgCtrlID
ArrangeIconicWindows
MessageBoxIndirectA
MessageBoxExA
TileWindows
IsZoomed
SendDlgItemMessageA
DeferWindowPos
CreateWindowExA
LoadCursorA
OpenClipboard
SetClipboardData
TranslateMessage
DispatchMessageA
GetClipboardData
LoadIconA

gdi32

GetStockObject
CreateDiscardableBitmap
GdiGetBatchLimit
CopyEnhMetaFileA
BitBlt
CloseMetaFile
DeleteMetaFile
AngleArc
Chord
CopyEnhMetaFileW
AbortDoc

advapi32

RegOverridePredefKey
DeregisterEventSource
AccessCheck
RegReplaceKeyA
RegUnLoadKeyA
RegDeleteValueA
AdjustTokenGroups
RegCreateKeyA
GetTokenInformation

kernel32

GetACP
OpenMutexA
GetThreadLocale
GetTimeFormatA
OpenSemaphoreA
VirtualQueryEx
IsBadCodePtr
CreateEventA
GetCPInfo
LocalUnlock
IsBadWritePtr
GlobalLock
LocalFlags
PulseEvent
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetStartupInfoA
VirtualAllocEx
GetModuleHandleA
GetProcAddress
VerLanguageNameA

version

VerFindFileA
GetFileVersionInfoSizeA
VerQueryValueA
VerInstallFileA
GetFileVersionInfoA

winspool.drv

EnumPrinterDriversA
DeletePrinterDriverExA
AddPrinterDriverExW
EnumPrintersW
SetJobW
AdvancedDocumentPropertiesA
AddJobA
ClosePrinter
AddPrinterConnectionA
DeletePrinterDataA
DeleteFormA
AddPrintProcessorA
AddPrinterA
SetJobA
DeletePrinter

netapi32

NetRemoteComputerSupports
NetGetJoinInformation
NetErrorLogWrite
NetFileGetInfo
NetErrorLogClear
NetAuditClear
NetFileEnum
NetConnectionEnum
NetConfigGetAll
NetGroupAdd
NetGetDCName
NetConfigSet
NetErrorLogRead
NetAuditRead
NetGetAnyDCName
Netbios

msvcrt

__p__commode
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
exit
_XcptFilter
_exit
_acmdln

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69bdf18d9ed39bfb4cf740fd92ccbf04

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

version

winspool.drv

netapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 313KB - Virtual size: 415KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 313KB - Virtual size: 415KB

.rsrc
Size: 4KB - Virtual size: 3KB