8fba1e1663009e480465eacfb4ba0b0b

General

Target

8fba1e1663009e480465eacfb4ba0b0b
Size

195KB
MD5

8fba1e1663009e480465eacfb4ba0b0b
SHA1

42eacbf23b0acaee90d5d97bedbf7962f2958fc4
SHA256

3e4a71ffb52d167290c3c60b550f0bd8935ec5a51c7b98416ab5cb23d9dc8662
SHA512

1d4bbb40652c0c983dcc276a064800d60ebdc475134473a6a8e956377d950477bff33c5b8c19334657b65b17a8b4f94b97d84c609f4bdf164e99095a4f97f2da
SSDEEP

3072:YRgmOWSdBTdiwgE5qZdEGRgmOWSdBTdiwgE5qZdE0:E5MpiUIwm5MpiUIw0

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Boleto_Forma_Pagamento_.cpl
unpack001/Proposta_Negociação_.cpl

Files

8fba1e1663009e480465eacfb4ba0b0b
.zip
Boleto_Forma_Pagamento_.cpl
.dll windows:4 windows x86 arch:x86

78c6a49d696edd6681fd91ea3310fd0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

ole32

CoCreateGuid

wininet

InternetCloseHandle

Exports

Exports

CPlApplet

Sections

.text
Size: 87KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Proposta_Negociação_.cpl
.dll windows:4 windows x86 arch:x86

78c6a49d696edd6681fd91ea3310fd0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

ole32

CoCreateGuid

wininet

InternetCloseHandle

Exports

Exports

CPlApplet

Sections

.text
Size: 87KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

78c6a49d696edd6681fd91ea3310fd0a

Headers

File Characteristics

Imports

kernel32

oleaut32

advapi32

user32

gdi32

ole32

wininet

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 256KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 512B

78c6a49d696edd6681fd91ea3310fd0a

Headers

File Characteristics

Imports

kernel32

oleaut32

advapi32

user32

gdi32

ole32

wininet

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 256KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 512B

.text
Size: 87KB - Virtual size: 256KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 512B

.text
Size: 87KB - Virtual size: 256KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 512B