256f8da15424ace7266126c5e4ab28fa

Sharing

Copy URL

Twitter E-mail

General

Target

256f8da15424ace7266126c5e4ab28fa
Size

442KB
MD5

256f8da15424ace7266126c5e4ab28fa
SHA1

59c29a749c103f48ff18469606e8420e008b71d2
SHA256

656f49f03165388f5afa2c0d406d5b3484058c26cfd455efb0cf274f23cb959a
SHA512

3a8c3408f140a95e76cfb34e677eb356e64dc8c976f7e8d9540b7097dcadd6c8c7317437dcaed34f3880c4a1d4f1045aa44ab81947fb12c03b4cdeff1025935f
SSDEEP

12288:Y5c5caE0yOag/mvNSq5sdHccatqIQnPzg9piD:Y5cCJOa7vcq2dHcptlEU9pi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
256f8da15424ace7266126c5e4ab28fa

Files

256f8da15424ace7266126c5e4ab28fa
.exe windows:5 windows x86 arch:x86

8c978d4583962bf829e17352e429b77a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??2@YAPAXI@Z
_except_handler3
free
_initterm
??3@YAXPAX@Z
_adjust_fdiv
malloc

kernel32

LeaveCriticalSection
TerminateProcess
EnterCriticalSection
SetLastError
lstrlenW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetLastError
GetProcAddress
GetModuleHandleW
lstrcmpiW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DeleteCriticalSection
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount

ole32

CoCreateInstance
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree

advapi32

RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW

winspool.drv

OpenPrinterW
ClosePrinter

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 21B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iq
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oooa
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sef
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qwqw
Size: 2KB - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdsd
Size: 2KB - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xczxc
Size: 2KB - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asqea
Size: 2KB - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asqeax
Size: 2KB - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oapa
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gjdk
Size: 2KB - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nbmv
Size: 2KB - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mzna
Size: 2KB - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mznw
Size: 2KB - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 2KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c978d4583962bf829e17352e429b77a

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

ole32

advapi32

winspool.drv

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 924B

.tls Size: 2KB - Virtual size: 21B

.iq Size: 126KB - Virtual size: 125KB

.oooa Size: 4KB - Virtual size: 2KB

.obb Size: 126KB - Virtual size: 125KB

.sef Size: 126KB - Virtual size: 125KB

.qwqw Size: 2KB - Virtual size: 544B

.sdsd Size: 2KB - Virtual size: 109B

.xczxc Size: 2KB - Virtual size: 214B

.asqea Size: 2KB - Virtual size: 214B

.asqeax Size: 2KB - Virtual size: 214B

.oapa Size: 2KB - Virtual size: 208B

.gjdk Size: 2KB - Virtual size: 112B

.nbmv Size: 2KB - Virtual size: 158B

.mzna Size: 2KB - Virtual size: 150B

.mznw Size: 2KB - Virtual size: 150B

.CRT Size: 2KB - Virtual size: 8B

.rsrc Size: 18KB - Virtual size: 16KB

.reloc Size: 2KB - Virtual size: 276B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 924B

.tls
Size: 2KB - Virtual size: 21B

.iq
Size: 126KB - Virtual size: 125KB

.oooa
Size: 4KB - Virtual size: 2KB

.obb
Size: 126KB - Virtual size: 125KB

.sef
Size: 126KB - Virtual size: 125KB

.qwqw
Size: 2KB - Virtual size: 544B

.sdsd
Size: 2KB - Virtual size: 109B

.xczxc
Size: 2KB - Virtual size: 214B

.asqea
Size: 2KB - Virtual size: 214B

.asqeax
Size: 2KB - Virtual size: 214B

.oapa
Size: 2KB - Virtual size: 208B

.gjdk
Size: 2KB - Virtual size: 112B

.nbmv
Size: 2KB - Virtual size: 158B

.mzna
Size: 2KB - Virtual size: 150B

.mznw
Size: 2KB - Virtual size: 150B

.CRT
Size: 2KB - Virtual size: 8B

.rsrc
Size: 18KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 276B