650c2fb73658400e1dfb602303e00316

Sharing

Copy URL Twitter E-mail

General

Target

650c2fb73658400e1dfb602303e00316
Size

133KB
MD5

650c2fb73658400e1dfb602303e00316
SHA1

f2bb44dd96bd84fb39660dc8783809b44c705713
SHA256

f006dcc3c601f3bc5da7021eedf742e436da5a0630b68eb572085d295fd6e69d
SHA512

05cd1c0410f94b4c6ada2ea388078459d204e92c060fdb61c058b31524b1f7f962422d09e65d8e3dfd609adbc97501175d01c4d23d1a56b4b442edd7f3701b73
SSDEEP

1536:GkgP1HdcQDjs7h0CgbvnBQ+EelCJ9gSKb9Kom1jgPLQpSDje2UE:GJ19cQv6iCgbPtbCJ9gdR8Oq5E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
650c2fb73658400e1dfb602303e00316

Files

650c2fb73658400e1dfb602303e00316
.exe windows:4 windows x86 arch:x86

40a9f86e436c59b14f44997ba64607e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
ReadFile
lstrcpynA
CloseHandle
SetFilePointer
GetModuleHandleA
LocalHandle
GlobalAlloc
SetStdHandle
LoadLibraryA
GetLastError
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetStringTypeA
GetStringTypeW
lstrcatA
HeapFree
GetProcAddress
lstrlenA
LocalFree
LocalAlloc
lstrcpyA
VirtualAlloc
FlushFileBuffers
HeapAlloc
GlobalFree
GlobalLock
lstrcmpiA
GlobalUnlock

user32

RegisterClassA
DispatchMessageA
TranslateMessage
LoadAcceleratorsA
TranslateAcceleratorA
GetMessageA
ShowWindow
CreateWindowExA
GetSystemMetrics
LoadStringA
EnableWindow
GetSysColor
GetMenu
EnableMenuItem
MessageBeep
GetDlgItemTextA
SendDlgItemMessageA
EndDialog
PostQuitMessage
GetDC
SetWindowLongA
SendMessageA
ReleaseDC
PostMessageA
SetFocus
DefWindowProcA
DialogBoxParamA
BeginPaint
GetClientRect
FillRect
EndPaint
LoadIconA
LoadCursorA
MessageBoxA

gdi32

CreatePen
GetStockObject
GetTextMetricsA
TextOutA
SetBkMode
DeleteObject
SetTextColor
LineTo
MoveToEx
SelectObject

winspool.drv

EnumPrintersA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 647KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

40a9f86e436c59b14f44997ba64607e2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

version

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 1024B - Virtual size: 951B

.data Size: 12KB - Virtual size: 647KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 76KB - Virtual size: 97KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 1024B - Virtual size: 951B

.data
Size: 12KB - Virtual size: 647KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 76KB - Virtual size: 97KB