54e57df487ba7c56b6e329ca613d254c

Sharing

Copy URL Twitter E-mail

General

Target

54e57df487ba7c56b6e329ca613d254c
Size

265KB
MD5

54e57df487ba7c56b6e329ca613d254c
SHA1

be443564ac147473e9350fe5ecac33b60a5b794c
SHA256

41d71b6c5a120fd4a44fa6cee8c5c24ac80aba3c5976458e0a7253680c31ae54
SHA512

c5e90bae86c54f489f4c30f15571d00788d5d9a263eff88b314c4090d6a118a122f9525761118da325ba4a72dd71c7486482a8c637cc4caf8ba6ecaed0e624b8
SSDEEP

6144:0H4Tmfn8dMwBnVpV21WBMA41aZcCfZ34+rDLr:06m85nXV21Wi1aZPh3ZH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54e57df487ba7c56b6e329ca613d254c

Files

54e57df487ba7c56b6e329ca613d254c
.exe windows:4 windows x86 arch:x86

6cb9cc5d8e2ecdb5ac363cb6a8f3c231

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoTaskMemFree
CoCreateGuid
IIDFromString
CoTaskMemRealloc
CoTaskMemAlloc

rpcrt4

UuidFromStringW
UuidCreate

kernel32

GetUserDefaultLangID
LockResource
FormatMessageW
SystemTimeToFileTime
OpenThread
lstrlenW
IsDebuggerPresent
GetCurrentThreadId
LocalFree
RaiseException
GetDriveTypeW
CloseHandle
SystemTimeToTzSpecificLocalTime
LeaveCriticalSection
EnterCriticalSection
GetFileSize
LoadResource
lstrlenA
SetUnhandledExceptionFilter
DeleteCriticalSection
CreateFileW
GetModuleHandleW
LocalAlloc
LoadLibraryExW
GetSystemTime
HeapReAlloc
SetLastError
ReadFile
FileTimeToSystemTime
FindResourceW
GetProcessHeap
GetNumberFormatW
SizeofResource
HeapFree
FindResourceExW
HeapSize
FreeLibrary
GetSystemTimeAsFileTime
OutputDebugStringW
GetTimeZoneInformation
HeapAlloc
UnhandledExceptionFilter
HeapDestroy
lstrcmpiW
GetCurrentDirectoryA
VirtualAllocEx

user32

GetForegroundWindow
GetSystemMetrics
GetActiveWindow
LoadStringW
SetCursor
GetTopWindow
GetDesktopWindow
SystemParametersInfoW
CharNextW
LoadCursorW

oleaut32

VarUI4FromStr
VariantClear

winspool.drv

SetPrinterA
XcvDataW
DeletePrinterKeyA
AddPrinterDriverA
AdvancedDocumentPropertiesW
SpoolerPrinterEvent
AddPrintProcessorW
EnumPrinterDriversA
DocumentPropertiesW
AddFormW
AddPrinterW
GetPrinterDriverDirectoryW

kbdur

KbdLayerDescriptor

Sections

.Rncx
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bmTUB
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WySP
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rWIqOwD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nrrW
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EmBZyQ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PtVR
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TlfSNwR
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AEZK
Size: 1024B - Virtual size: 585B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cb9cc5d8e2ecdb5ac363cb6a8f3c231

Headers

DLL Characteristics

File Characteristics

Imports

ole32

rpcrt4

kernel32

user32

oleaut32

winspool.drv

kbdur

Sections

.Rncx Size: 1024B - Virtual size: 18KB

.text Size: 18KB - Virtual size: 18KB

.bmTUB Size: 1KB - Virtual size: 1KB

.WySP Size: 3KB - Virtual size: 2KB

.rWIqOwD Size: 1KB - Virtual size: 1KB

.nrrW Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 325KB

.rdata Size: 208KB - Virtual size: 207KB

.EmBZyQ Size: 3KB - Virtual size: 2KB

.PtVR Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

.TlfSNwR Size: 2KB - Virtual size: 1KB

.AEZK Size: 1024B - Virtual size: 585B

.Rncx
Size: 1024B - Virtual size: 18KB

.text
Size: 18KB - Virtual size: 18KB

.bmTUB
Size: 1KB - Virtual size: 1KB

.WySP
Size: 3KB - Virtual size: 2KB

.rWIqOwD
Size: 1KB - Virtual size: 1KB

.nrrW
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 325KB

.rdata
Size: 208KB - Virtual size: 207KB

.EmBZyQ
Size: 3KB - Virtual size: 2KB

.PtVR
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB

.TlfSNwR
Size: 2KB - Virtual size: 1KB

.AEZK
Size: 1024B - Virtual size: 585B