641142200482292ebb5f416b1fc4ca8e

Sharing

Copy URL Twitter E-mail

General

Target

641142200482292ebb5f416b1fc4ca8e
Size

268KB
MD5

641142200482292ebb5f416b1fc4ca8e
SHA1

e6ea5e940e32dd5272f18617c06d96538d08c2bd
SHA256

bac60cfa36976a6452fe49c3aeb369657cf4c3c960d91a03b8117d8ca958c321
SHA512

ef5b4ec12c85652fc3737482d607ca6de7c0b4abab4ea45856d16a64d432409bde23ec465150e9d8f25c791676c70526cc94614532061d7a4f9990c454713214
SSDEEP

6144:dXunzchEyYoD+XZWfivtbi/EsldYii8T:izdpWMtaXj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
641142200482292ebb5f416b1fc4ca8e

Files

641142200482292ebb5f416b1fc4ca8e
.exe windows:4 windows x86 arch:x86

e27d97abc6cf47c70d69b3f2a5439e60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

OpenPrinterA
ClosePrinter
ord204

version

GetFileVersionInfoSizeA
VerQueryValueA

ole32

OleSaveToStream
OleIsRunning
CreateBindCtx
CoTaskMemAlloc
CoFreeUnusedLibraries
OleInitialize
OleGetClipboard
IsAccelerator
OleCreateMenuDescriptor
StgCreateDocfile
CoRegisterMessageFilter
CoLockObjectExternal
DoDragDrop
CoDisconnectObject
WriteClassStg
OleDuplicateData
OleDestroyMenuDescriptor
OleTranslateAccelerator
OleIsCurrentClipboard
OleFlushClipboard
OleRegGetUserType

user32

ReleaseDC
GetWindowRect
GetTopWindow
RegisterClassA
RemoveMenu
ReleaseCapture
FillRect
PeekMessageA
GetSystemMetrics
GetMenuItemCount
InvalidateRect
GetDlgCtrlID
GetClassInfoExA
DefWindowProcA
GetIconInfo
GetMessagePos
LoadAcceleratorsA
InflateRect
MessageBoxA
SetWindowPos
IsDialogMessageA
SetCapture
GetForegroundWindow
wsprintfA
SetFocus
ValidateRect
IsMenu
RegisterClassExA
SetDlgItemTextA
EqualRect
keybd_event
GetClientRect
CharNextA
DestroyCursor
AppendMenuA
UnregisterClassA
CheckMenuItem
ClientToScreen
DestroyWindow
LoadBitmapA
DrawTextA
EnableWindow
DestroyMenu
CreatePopupMenu
GetParent
GetClassNameA
GetMenu
GetDC
CreateWindowExA
GetDlgItem
MoveWindow
GetWindowTextLengthA
LoadStringA
IsClipboardFormatAvailable
ShowWindow
DrawMenuBar
CreateDialogIndirectParamA
MapWindowPoints
GetCursorPos
DrawIconEx

kernel32

FileTimeToSystemTime
lstrcmpiA
GetStdHandle
GlobalAddAtomA
InterlockedIncrement
GetCurrentThreadId
GetConsoleMode
WriteConsoleA
InitializeCriticalSection
FindClose
HeapReAlloc
IsValidCodePage
GetTickCount
UnmapViewOfFile
InterlockedDecrement
FlushFileBuffers
UnhandledExceptionFilter
VirtualAlloc
CreateThread
GetCommandLineA
EnterCriticalSection
LocalAlloc
SetEndOfFile
TlsSetValue
SetStdHandle
TlsAlloc
GetFileType
FileTimeToLocalFileTime
GlobalAlloc
SetThreadPriority
GetStringTypeA
CreateFileA
GetConsoleCP
CompareStringA
QueryPerformanceCounter
DeleteCriticalSection
GetProcAddress
MulDiv
ReadFile
GetVersionExA
SetFilePointer
GetTimeZoneInformation
TerminateProcess
GetPrivateProfileIntA
VirtualQuery
GetStringTypeW
CompareStringW
GetTimeFormatA
GetModuleFileNameW
lstrlenA
DuplicateHandle
CreateEventA
GetSystemTimeAsFileTime
HeapSize
MultiByteToWideChar
VirtualFree
CloseHandle
InterlockedExchange
WideCharToMultiByte
SetUnhandledExceptionFilter
TlsFree
FreeLibrary
GlobalFree
GetCurrentProcessId
SetLastError
Sleep
GetStartupInfoA
HeapCreate
LocalFree
LockFile
FreeEnvironmentStringsW
GetShortPathNameA
LCMapStringW
GetEnvironmentStringsW
ExitProcess
RaiseException
SetHandleCount
WriteFile
IsDebuggerPresent
GetCurrentThread
LoadLibraryA
GetACP
WaitForSingleObject
GetCurrentProcess
lstrcmpW
GetProcessHeap
LCMapStringA
HeapFree
GetDateFormatA
GetCPInfo
GetEnvironmentStrings
RtlUnwind
HeapDestroy
GetLastError
WinExec
GetModuleHandleA
SetEnvironmentVariableA
GetOEMCP
GetSystemDirectoryA
WriteConsoleW
HeapAlloc
FreeEnvironmentStringsA
lstrlenW
lstrcmpiW
CreateMutexA
FindNextFileA
LeaveCriticalSection
GetConsoleOutputCP
UnlockFile
TlsGetValue
GetModuleFileNameA
GetLocaleInfoA

gdi32

CreateRoundRectRgn
GetClipRgn
GetTextExtentPoint32A
CloseFigure
CreatePenIndirect
CreateSolidBrush
SetPolyFillMode
SetBkMode
GetWindowExtEx
EndPath
DeleteObject
SetArcDirection
SetRectRgn
SetStretchBltMode
BitBlt
TextOutA
CreateRectRgn
RectInRegion
PolylineTo
SelectObject
GetStockObject
BeginPath
GetFontData
CreateCompatibleDC
SetMapMode
FillPath
CreateHalftonePalette
SetTextJustification
CreateRectRgnIndirect
OffsetWindowOrgEx
CreateDCA
Escape
DeleteDC

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegSetValueA
ControlService
CreateServiceA
StartServiceA
OpenServiceA
RegOpenKeyA
SetSecurityDescriptorDacl
CloseServiceHandle
RegEnumKeyExA
InitializeSecurityDescriptor
RegDeleteValueA
RegEnumKeyA
RegSetValueExA
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueA
GetUserNameA
RegCreateKeyA
RegCreateKeyExA
RegQueryInfoKeyA
OpenSCManagerA
RegQueryValueExA
QueryServiceConfigA
AdjustTokenPrivileges
DeleteService
RegEnumValueA

winmm

waveOutUnprepareHeader
waveOutClose
waveOutGetDevCapsA
mixerGetDevCapsA
mixerOpen
timeKillEvent
mixerSetControlDetails
mciGetErrorStringA
mixerGetControlDetailsA
waveOutGetNumDevs
mmioDescend
timeBeginPeriod
timeSetEvent
mixerGetLineInfoA
mmioRead
mixerClose
timeEndPeriod
mixerGetLineControlsA

comctl32

InitCommonControlsEx
ImageList_GetImageCount
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_SetImageCount
ImageList_Draw
ord17
ImageList_GetIcon
ImageList_Create
ImageList_GetImageInfo
ImageList_Destroy
ImageList_LoadImageW
_TrackMouseEvent

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e27d97abc6cf47c70d69b3f2a5439e60

Headers

File Characteristics

Imports

winspool.drv

version

ole32

user32

kernel32

gdi32

advapi32

winmm

comctl32

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 56KB - Virtual size: 74KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 56KB - Virtual size: 74KB

.rsrc
Size: 24KB - Virtual size: 20KB