007dd0c9ca164871bd1a98eee89bff1a

Sharing

Copy URL Twitter E-mail

General

Target

007dd0c9ca164871bd1a98eee89bff1a
Size

174KB
MD5

007dd0c9ca164871bd1a98eee89bff1a
SHA1

8522ef3c50747d3badd0f2d1ed95c6c9f89f1774
SHA256

aa8799b27441b2089ce56840e3d7fde94309498ef35c8136143a54780024d6a1
SHA512

832ea56c6486525318e58c495b08c07bbb447391ec6d64a8ba0348ff3992505ea81236ebedd5f7c3d85003f905b6b011a6b364ad690e50f680b4cbf96d57f708
SSDEEP

3072:YqiD8NxjF1jEZVvbT1pNUvCILYkdanZtYYr1MAx8:IaxjF1j4vbT1LuLYlZRx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
007dd0c9ca164871bd1a98eee89bff1a

Files

007dd0c9ca164871bd1a98eee89bff1a
.exe windows:4 windows x86 arch:x86

adf4375c9e4b4cb4f57955b0ac3819a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuCheckMarkDimensions
CheckMenuItem
GetLastActivePopup
GetWindowTextW
EnableMenuItem
ModifyMenuW
IsWindowEnabled
ReleaseDC
LoadCursorW
LoadBitmapW
GetDC
GetSystemMetrics
MessageBoxW
EnableWindow
GetWindowLongW
GetSysColor
GetParent
GetSysColorBrush

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

gdi32

GetClipBox
TextOutW
DeleteObject
SelectObject
RestoreDC
SetViewportOrgEx
GetDeviceCaps
ScaleViewportExtEx
ScaleWindowExtEx
SetMapMode
SetTextColor
SetBkColor
Escape
DeleteDC
OffsetViewportOrgEx
CreateBitmap
PtVisible
RectVisible
SetWindowExtEx
SetViewportExtEx
ExtTextOutW
SaveDC
GetStockObject

kernel32

HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FlushFileBuffers
VirtualQuery
IsBadCodePtr
TerminateProcess
GetShortPathNameW
VirtualFree
QueryPerformanceCounter
GetSystemInfo
IsBadReadPtr
IsBadWritePtr
HeapFree
GetStringTypeW
GetProcessAffinityMask
GetCurrentProcess
GetStringTypeA
GetOEMCP
SetFilePointer
GetCPInfo
GetCommandLineA
VirtualAlloc
GetTickCount
EnumResourceTypesW
GetCurrentProcessId
SetStdHandle
GetFileType
RtlUnwind
GetModuleFileNameA
LCMapStringW
VirtualProtect
GetFileAttributesA
SetHandleCount
GetStartupInfoA
HeapCreate
LCMapStringA
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetStdHandle
FreeEnvironmentStringsW
UnhandledExceptionFilter
HeapAlloc
WriteFile
ExitProcess

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathW

shlwapi

PathAppendW
PathFindFileNameW
PathFileExistsW
PathFindExtensionW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adf4375c9e4b4cb4f57955b0ac3819a4

Headers

File Characteristics

Imports

user32

winspool.drv

gdi32

kernel32

advapi32

shell32

shlwapi

ole32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 69KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 69KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 380KB