4d5c2d91db92f2c2c5f6f56ff665e5ac

Sharing

Copy URL Twitter E-mail

General

Target

4d5c2d91db92f2c2c5f6f56ff665e5ac
Size

243KB
MD5

4d5c2d91db92f2c2c5f6f56ff665e5ac
SHA1

5f2f0859e8354705834674c7f03a645582b98953
SHA256

cb78bde462e238f3746ac8bd29c4bfc228b306a497b3b915bfc9553f5544b4f2
SHA512

6afe6ac3746e0b14cf1da3e1a308ded39a1d963bb4afa60d00031325a817d0374c4eb365b8ae61c7753ef9609fac03c7fbf15ea91ec2c3300cea7d4348c4476f
SSDEEP

6144:rpz8aAs/rmoBxUJ3mubC9zJ7bGkWaapdiDZ0n/2fjphSZTMQ:rKCzR3P+CB8kW7psdJITM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d5c2d91db92f2c2c5f6f56ff665e5ac

Files

4d5c2d91db92f2c2c5f6f56ff665e5ac
.exe windows:4 windows x86 arch:x86

5501129aa47084a6d94b7a6332023154

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeEnvironmentStringsW
GetUserDefaultUILanguage
GetThreadLocale
TlsAlloc
GetSystemTimeAsFileTime
TlsGetValue
GlobalGetAtomNameA
GetProcessHeap
SetHandleCount
GetFullPathNameW
GlobalFindAtomA
MultiByteToWideChar
LoadResource
InterlockedExchange
GetFullPathNameA
DeleteCriticalSection
lstrcmpiA
LocalAlloc
GetEnvironmentStrings
EnumResourceLanguagesA
SetErrorMode
SetStdHandle
FindFirstFileExW
GetTempPathW
FindNextFileA
FreeEnvironmentStringsA
FindClose
GetCurrentThreadId
GetStringTypeA
GetStdHandle
LCMapStringW
GetStringTypeW
GetFileSize
InterlockedDecrement
lstrcmpW
GetFileType
GetUserDefaultLangID
lstrcatA
IsBadReadPtr
CreateFileMappingA
WideCharToMultiByte
SizeofResource
GetStartupInfoA
lstrcmpA
GetCurrentThread
lstrlenW
FreeLibrary
GlobalAddAtomA
InterlockedIncrement
ExitProcess
FindResourceA
GetACP
IsBadCodePtr
FindNextFileW
EnterCriticalSection
EnumUILanguagesW
GetLastError
GetSystemDefaultLangID
EnumSystemLocalesW
GlobalHandle
LeaveCriticalSection
LocalReAlloc
GetModuleHandleA
UnhandledExceptionFilter
InitializeCriticalSection
LCMapStringA
FindFirstFileExA
RaiseException
Sleep
lstrlenA
SetUnhandledExceptionFilter
TlsSetValue
GlobalDeleteAtom
CloseHandle
GetCurrentProcessId
GlobalReAlloc
GetVersion
GetCommandLineA
GetLocaleInfoA
TlsFree
LockResource
ConvertDefaultLocale
GetTickCount
GetProcAddress
GetEnvironmentStringsW
LoadLibraryA
GetVersionExA
lstrcpyA
QueryPerformanceCounter

user32

IsIconic
GetMenuState
PtInRect
wsprintfA
GetWindowPlacement
CopyRect
EnableMenuItem
UnregisterClassA
CallWindowProcA
SetMenuItemBitmaps
GetDlgCtrlID
RegisterClassA
DestroyMenu
ShowWindow
SetWindowLongA
GetWindowRect
GetMenuCheckMarkDimensions
CheckMenuItem
ModifyMenuA
PostQuitMessage
SetWindowPos
SetCursor
GetWindow
GetMenuItemID
PostMessageA
SystemParametersInfoA
EnumDesktopWindows
DefWindowProcA
SetWindowTextA
LoadBitmapA
GetClassInfoA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.strings
Size: 5KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5501129aa47084a6d94b7a6332023154

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 68KB - Virtual size: 67KB

.strings Size: 5KB - Virtual size: 139KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 68KB - Virtual size: 67KB

.strings
Size: 5KB - Virtual size: 139KB