58556cd949287420ead763413f525315

Sharing

Copy URL

Twitter E-mail

General

Target

58556cd949287420ead763413f525315
Size

36KB
MD5

58556cd949287420ead763413f525315
SHA1

5333d7b1bcaec1d670c6de3d9421805f61e23cdc
SHA256

8f7527dd74611a00822259eda68fd2a5170a749a88b17e225a98019c16852ffa
SHA512

cc3bb0f185f203bbbec76a3a41db0ac2d9ca10cdc433efac39e8214b06d14c73c26136e75210fde0e26ca380d42accd366d5ddf7820e566e895325a39aeee235
SSDEEP

768:zlupF5EhkJhYZBsMiHwj6uMjuDZmEwqNpe:zluplEBs6j6Weqje

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58556cd949287420ead763413f525315

Files

58556cd949287420ead763413f525315
.exe windows:1 windows x86 arch:x86

b3a63c22fc90b5761eddb82471305cd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
CreateEventA
CreateMutexA
InitializeCriticalSection
RegisterServiceProcess
GetCurrentProcessId
LocalFree
OpenMutexA
Sleep
WaitForSingleObject
SetEvent
ReleaseMutex
WriteProfileStringA
lstrcatA
lstrcpyA
EnterCriticalSection
IsBadReadPtr
GetProcAddress
LoadLibraryA
GetProfileStringA
VirtualAlloc
VirtualFree
GetFileType
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
GetModuleFileNameA
UnhandledExceptionFilter
RtlUnwind
ExitProcess
lstrcmpiA
CloseHandle
LeaveCriticalSection
CreateThread
lstrcmpA
FreeLibrary
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetVersion
GetEnvironmentStrings
GetLastError

user32

CreateWindowExA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
RegisterSystemThread
RegisterClassA
PostQuitMessage
DestroyWindow
DefWindowProcA
MessageBoxA

gdi32

ord104

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA

spoolss

DeleteMonitorA
DeletePrintProvidorA
AddMonitorA
PrinterMessageBoxA
ConfigurePortA
AddPortA
EnumMonitorsA
SetPrinterDataA
AbortPrinter
DeletePortA
GetPrinterDataA
ScheduleJob
AddJobA
ReadPrinter
EnumPrintProcessorDatatypesA
GetPrintProcessorDirectoryA
EnumPrintProcessorsA
AddPrintProcessorA
DeletePrinterDriverA
GetPrinterDriverDirectoryA
GetPrinterDriverA
WaitForPrinterChange
EnumPrinterDriversA
GetPrinterA
SetPrinterA
DeletePrinterConnectionA
AddPrinterConnectionA
DeletePrinter
AddPrinterA
EnumJobsA
GetJobA
SetJobA
EnumPrintersA
CallVSpoolerSignal
EndDocPrinter
EndPagePrinter
WritePrinter
StartPagePrinter
StartDocPrinterA
OpenPrinterA
ChangeDefaultPrinter
ShutDownSpoolss
CheckNetAvailability
PrintShadowJobs
RespondToConfigChange
CheckNotSplSem
InitializeRouter
ClosePrinter
AddPrinterDriverA
AddPrintProvidorA
DeletePrintProcessorA
EnumPortsA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b3a63c22fc90b5761eddb82471305cd0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

spoolss

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 3KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 932B

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 932B

.reloc
Size: 10KB - Virtual size: 9KB