68f096511cba1c696d614681ba218bdb

Sharing

Copy URL Twitter E-mail

General

Target

68f096511cba1c696d614681ba218bdb
Size

333KB
MD5

68f096511cba1c696d614681ba218bdb
SHA1

677b4d535784cf1f66bfa49d1db9932c4a95172f
SHA256

86d32ee8aac0d6b3c5e7fc42e6313d693df830ce726b191e78747e6c410c58d4
SHA512

5370440181c2508a1fb720057811925993d70b2ab6252979b0590b7bc23c71074e75c4d18bd52274d1bb30f143700b3ad16d059512a898e2c5a70009b660fe20
SSDEEP

6144:ZWni+nQ97HbzJZZJcT+ux0vcqNbMBC3qoCK5HaWgK+fhXzls:ZWi+W77tZS70UqNSC37QJhXzls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68f096511cba1c696d614681ba218bdb

Files

68f096511cba1c696d614681ba218bdb
.exe windows:5 windows x86 arch:x86

9805524581d764b87031602dc7e88973

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW
FindTextW
PrintDlgExW
ChooseFontW
GetFileTitleW
GetOpenFileNameW
ReplaceTextW
CommDlgExtendedError
GetSaveFileNameW

winspool.drv

GetPrinterDriverW
ClosePrinter
OpenPrinterW

msvcrt

_XcptFilter
_exit
_c_exit
time
localtime
_cexit
iswctype
_except_handler3
_wtol
wcsncmp
_snwprintf
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
wcsncpy

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetLocalTime
GetUserDefaultLCID
GetDateFormatW

gdi32

EndPage
AbortDoc
EndDoc
DeleteDC
StartPage
GetTextExtentPoint32W
CreateDCW
SetAbortProc
GetTextFaceW
TextOutW
StartDocW
EnumFontsW
GetStockObject
GetObjectW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
GetTextMetricsW
SetBkMode
LPtoDP
SetWindowExtEx
SetViewportExtEx
SetMapMode
SelectObject

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.deah
Size: 408KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oaeh
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.daub
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.maub
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.maug
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mauh
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9805524581d764b87031602dc7e88973

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

winspool.drv

msvcrt

kernel32

gdi32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.deah Size: 408KB - Virtual size: 408KB

.oaeh Size: 1024B - Virtual size: 4KB

.daub Size: 1024B - Virtual size: 4KB

.maub Size: 1024B - Virtual size: 4KB

.maug Size: 1024B - Virtual size: 4KB

.mauh Size: 1024B - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 32KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.deah
Size: 408KB - Virtual size: 408KB

.oaeh
Size: 1024B - Virtual size: 4KB

.daub
Size: 1024B - Virtual size: 4KB

.maub
Size: 1024B - Virtual size: 4KB

.maug
Size: 1024B - Virtual size: 4KB

.mauh
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 32KB