114e083ceedfdc0ccbffeec1c0ea65c3

Sharing

Copy URL

Twitter E-mail

General

Target

114e083ceedfdc0ccbffeec1c0ea65c3
Size

194KB
MD5

114e083ceedfdc0ccbffeec1c0ea65c3
SHA1

3cfd86a0cebe89612be78c5d5729fba8a09b6746
SHA256

e5966d4b2626bc0e0b1ab3a38f46c1c51071cc5257e18ebbd2fc24527717e7f8
SHA512

16f87e070aaa2c2af5cf1ae1fa7e402a918861147f46aa15b02cf195a97fdec84828ca17ae16b7b937d53ef1405b6414d36d43ff3a458e0e5c672654ed034045
SSDEEP

3072:O+qZWsrbyHQrt/Ms27gY0mZkBw9jUQoH+E6yVnBx5A:OfZWsrEcCgYNZkq9j7oeEBVBDA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
114e083ceedfdc0ccbffeec1c0ea65c3

Files

114e083ceedfdc0ccbffeec1c0ea65c3
.dll windows:4 windows x86 arch:x86

1309ae75e08811ff90c7d37bf6eaffe8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegOpenKeyExA
RegCloseKey

gdi32

DeleteObject
SetBkMode
SetTextColor
AddFontResourceA
CreateBrushIndirect
CreateCompatibleDC
CreateDCA
CreateFontIndirectA
CreatePen
DeleteDC
EnumFontFamiliesA
GetCurrentPositionEx
GetDeviceCaps
PatBlt
ResetDCA
RemoveFontResourceA
SelectObject
StretchBlt
SetStretchBltMode
SetTextAlign
StartDocA
EndDoc
StartPage
EndPage
MoveToEx
TextOutA
Polyline

kernel32

CloseHandle
CreateFileA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeEnvironmentStringsA
GetCommandLineA
GetCurrentDirectoryA
GetEnvironmentStringsA
GetFileSize
GetFileType
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemInfo
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalReAlloc
LoadLibraryA
MultiByteToWideChar
OutputDebugStringA
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile
FreeLibrary
RtlMoveMemory

ole32

CoInitialize
CoUninitialize

oleaut32

SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

user32

CreateDialogIndirectParamA
CreateDialogParamA
CreateWindowExA
DialogBoxIndirectParamA
MessageBoxA
SendMessageA
DialogBoxParamA
DrawTextA
FillRect
GetDC
GetWindow
LoadBitmapA

winspool.drv

ClosePrinter
DocumentPropertiesA
EndDocPrinter
EndPagePrinter
OpenPrinterA
StartDocPrinterA
StartPagePrinter
WritePrinter

comdlg32

PrintDlgA
GetOpenFileNameA
GetSaveFileNameA

Exports

Exports

DOWNLOADFONTS
FORMNAME
LIBMAIN
LPRNT2
PARENTFORM
PPRNAME
PRINT02

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1309ae75e08811ff90c7d37bf6eaffe8

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

user32

winspool.drv

comdlg32

Exports

Exports

Sections

.text Size: 134KB - Virtual size: 133KB

.data Size: 6KB - Virtual size: 7KB

.link Size: 3KB - Virtual size: 2KB

.rsrc Size: 41KB - Virtual size: 41KB

.rloc Size: 9KB - Virtual size: 8KB

.text
Size: 134KB - Virtual size: 133KB

.data
Size: 6KB - Virtual size: 7KB

.link
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 41KB - Virtual size: 41KB

.rloc
Size: 9KB - Virtual size: 8KB