14732bc5667ef2bb1b6f0af76c63e449

Sharing

Copy URL Twitter E-mail

General

Target

14732bc5667ef2bb1b6f0af76c63e449
Size

175KB
MD5

14732bc5667ef2bb1b6f0af76c63e449
SHA1

b148a8ffbf954d3e951b8e5e5a49423c1b4678c1
SHA256

c4b76ef573daa72fd4b67ba0eff8448e4feb1ebc8e0650f126f82efa35a6a5d3
SHA512

f37c49a83c8b232a649edfba1113c751f5f340f5697f6b82741e31556f8d4434671ace6542f99d15f5be1d0ce9eb88a6815137e34397e34145fe638b69efdcda
SSDEEP

3072:ytK3GTW38kpHQGFgn81ARk8fSrAndogK4s67lm26fbiW0Jm+:o5m8kpwGFO8Kf2AnFs6lKzhC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14732bc5667ef2bb1b6f0af76c63e449

Files

14732bc5667ef2bb1b6f0af76c63e449
.exe windows:4 windows x86 arch:x86

f69034f52a13f770d0b41394626f5031

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shell32

SHGetSpecialFolderPathW

shlwapi

PathFindFileNameW
PathFileExistsW
PathAppendW
PathFindExtensionW

user32

EnableMenuItem
IsWindowEnabled
LoadCursorW
GetDC
EnableWindow
ReleaseDC
GetSysColor
GetParent
GetWindowLongW
ModifyMenuW
CheckMenuItem
GetWindowTextW
GetLastActivePopup
LoadBitmapW
MessageBoxW
GetMenuCheckMarkDimensions
GetSystemMetrics
GetSysColorBrush

ole32

CoCreateInstance
CoUninitialize
CoInitialize

gdi32

OffsetViewportOrgEx
ExtTextOutW
CreateBitmap
SelectObject
SaveDC
SetMapMode
RectVisible
SetBkColor
SetViewportOrgEx
GetDeviceCaps
SetTextColor
ScaleWindowExtEx
SetViewportExtEx
DeleteObject
Escape
DeleteDC
GetClipBox
SetWindowExtEx
TextOutW
RestoreDC
ScaleViewportExtEx
PtVisible
GetStockObject

kernel32

VirtualQuery
GetCommandLineA
SetFilePointer
LCMapStringA
GetCPInfo
GetShortPathNameW
GetTickCount
HeapAlloc
SetUnhandledExceptionFilter
VirtualProtect
TerminateProcess
SetHandleCount
HeapCreate
GetSystemTimeAsFileTime
GetStringTypeW
GetProcessAffinityMask
IsBadReadPtr
LCMapStringW
VirtualAlloc
IsBadCodePtr
RtlUnwind
UnhandledExceptionFilter
HeapFree
GetEnvironmentStringsW
EnumResourceTypesW
GetEnvironmentStrings
GetCurrentProcessId
GetCurrentProcess
GetOEMCP
QueryPerformanceCounter
HeapSize
WriteFile
GetModuleFileNameA
HeapReAlloc
HeapDestroy
GetSystemInfo
FlushFileBuffers
GetFileAttributesA
GetStartupInfoA
SetStdHandle
VirtualFree
GetStringTypeA
GetFileType
GetStdHandle
FreeEnvironmentStringsW
IsBadWritePtr
ExitProcess

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f69034f52a13f770d0b41394626f5031

Headers

File Characteristics

Imports

advapi32

winspool.drv

shell32

shlwapi

user32

ole32

gdi32

kernel32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 380KB