Static task: static1
Behavioral task: behavioral1
  Sample: 95e08a38e11a75671242728fe37db40d.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 95e08a38e11a75671242728fe37db40d.exe
  Resource: win10v2004-20231215-en
General
Target: 95e08a38e11a75671242728fe37db40d
Size: 352KB
MD5: 95e08a38e11a75671242728fe37db40d
SHA1: ce1fed405f5bf94ecf0cf3cdc5af49651e39e836
SHA256: 32c7c07031e45e0cb3e5fc8a5c0a126c30a1801025a0cde3466ce80052de9736
SHA512: d5a18890b29143a6d82285620b5f5d6a89e48b1b5c854b013e19e8143a6ce8e78f0c2f4eb31cd11b2816181c5b92f64f1a5000d29f3fda4d5b1d5ab273e7544a
SSDEEP: 6144:aZ17U0d9fwbk0YRQ95gl5/BSenT5rbJO5tSdd:aXrlnQ9ilndrotSdd
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 95e08a38e11a75671242728fe37db40d
Files
95e08a38e11a75671242728fe37db40d.exe  windows:4  windows  x86  arch:x86
1ddf1bda97dc6d3bbd92aa8393734b1c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteKeyW
GetSidSubAuthority
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorDacl
RegDeleteValueW
RegCloseKey
InitializeSecurityDescriptor
GetUserNameA
RegOpenKeyExW
CloseServiceHandle
RegSetValueExA
RegDeleteValueA
user32
IsWindow
EnableMenuItem
IsWindowVisible
RegisterClassA
GetNextDlgGroupItem
LoadAcceleratorsA
SystemParametersInfoA
CharUpperA
WinHelpA
GetWindowTextLengthA
SetWindowPos
EndPaint
OpenClipboard
TranslateMessage
DestroyCursor
GetTopWindow
GetMenuState
GetClassNameA
CheckMenuItem
ModifyMenuA
SetWindowTextA
GetWindowRect
CallWindowProcA
LoadBitmapA
SetFocus
LoadIconA
SetCapture
InvalidateRect
PeekMessageA
CreateWindowExA
BeginPaint
GetActiveWindow
DefWindowProcA
MapWindowPoints
GetDC
GetMenuItemID
RegisterClassExA
EqualRect
SetWindowLongA
DrawEdge
SendMessageA
LoadCursorA
ShowWindow
CopyIcon
FillRect
GetMessageA
GetCursorPos
GetMenuStringA
UpdateWindow
FindWindowA
IsRectEmpty
GetWindowLongA
CallNextHookEx
UnionRect
GetMenu
GetFocus
DrawTextA
RegisterClipboardFormatA
EmptyClipboard
DestroyIcon
RedrawWindow
GetScrollInfo
GetClientRect
SetMenuItemInfoA
wsprintfA
GrayStringA
GetDlgItem
IsWindowEnabled
EnumChildWindows
TranslateAcceleratorA
KillTimer
DrawFocusRect
SetForegroundWindow
GetSystemMetrics
GetParent
LoadStringA
IsChild
PostQuitMessage
GetSubMenu
IsIconic
DrawFrameControl
GetSystemMenu
UnregisterClassA
ClientToScreen
MessageBoxA
GetCapture
GetClassLongA
DestroyWindow
GetSysColor
EnableWindow
DestroyAcceleratorTable
ShowCaret
IntersectRect
SetClipboardData
OffsetRect
PostMessageA
GetMenuItemInfoA
ReleaseCapture
MoveWindow
gdi32
GetOutlineTextMetricsA
GetObjectType
SetBrushOrgEx
EnumObjects
PlayMetaFile
CloseFigure
GetCurrentPositionEx
DPtoLP
UnrealizeObject
DeleteMetaFile
GetWindowOrgEx
AngleArc
ResetDCA
GetColorAdjustment
GetMapMode
SelectObject
BeginPath
CreateFontIndirectA
GetMiterLimit
CreateBitmap
SetPixel
MaskBlt
EndDoc
GetCharABCWidthsFloatA
OffsetRgn
SetColorAdjustment
OffsetClipRgn
GetBkMode
SetMiterLimit
GetRegionData
CreateEllipticRgn
GetClipRgn
ExtCreatePen
Arc
GdiComment
StartPage
EndPath
SetMapperFlags
PlayMetaFileRecord
GetBrushOrgEx
PolyPolygon
PtInRegion
PlgBlt
CreateDiscardableBitmap
CreatePen
CreateEllipticRgnIndirect
CreatePolyPolygonRgn
CreateHatchBrush
GetDeviceCaps
ArcTo
GetTextMetricsA
CreateFontA
Escape
SetTextCharacterExtra
GetKerningPairsA
LineTo
SaveDC
SetMapMode
PolyBezier
PolyBezierTo
GetAspectRatioFilterEx
ExtCreateRegion
DrawEscape
DeleteObject
ExtEscape
CloseEnhMetaFile
SelectPalette
SetTextColor
UpdateColors
GetRgnBox
CreatePolygonRgn
BitBlt
RestoreDC
GetTextExtentPoint32A
PlayEnhMetaFile
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
ScaleViewportExtEx
StretchDIBits
GetDCOrgEx
PolyDraw
AbortPath
CreateCompatibleDC
StrokeAndFillPath
GetStockObject
GetPaletteEntries
GetTextFaceA
EndPage
ExtSelectClipRgn
AnimatePalette
FillRgn
ScaleWindowExtEx
SetBkMode
AbortDoc
GetCharWidthFloatA
SetPolyFillMode
CreateEnhMetaFileA
SetPaletteEntries
SetROP2
ExtFloodFill
EqualRgn
GetNearestColor
EnumMetaFile
WidenPath
CreateDIBPatternBrushPt
GetROP2
GetFontData
GetViewportExtEx
PatBlt
kernel32
GetExitCodeProcess
GetDiskFreeSpaceA
GetCurrentProcess
GetStringTypeExA
HeapValidate
GetLocalTime
GetProcessVersion
SetLastError
GetSystemDirectoryA
GlobalAlloc
WaitForSingleObject
GetLastError
HeapReAlloc
UnhandledExceptionFilter
InterlockedExchange
lstrcpyA
GetFileType
GetPrivateProfileIntA
ExitProcess
IsBadReadPtr
lstrlenW
CopyFileA
GetOEMCP
LeaveCriticalSection
lstrcpyW
RemoveDirectoryA
TlsGetValue
VirtualFree
lstrcmpA
CreateMutexA
GetFileTime
TerminateProcess
LCMapStringA
DeleteCriticalSection
SetEndOfFile
GlobalLock
CompareStringA
WideCharToMultiByte
LoadLibraryA
DeleteFileA
GetVersion
IsBadWritePtr
GetTickCount
LocalReAlloc
LocalFree
HeapDestroy
QueryPerformanceCounter
SetFileTime
GlobalHandle
GlobalSize
SuspendThread
GetThreadPriority
MoveFileA
CreateProcessA
GetProfileIntA
FormatMessageA
GetVolumeInformationA
VirtualProtect
GetTimeZoneInformation
GetStartupInfoA
GetFullPathNameA
SetFileAttributesA
DebugBreak
CreateEventA
DeviceIoControl
FileTimeToSystemTime
SetFilePointer
TlsAlloc
GetThreadLocale
WriteFile
GlobalReAlloc
CreateFileA
LockFile
GetEnvironmentStrings
GetSystemTimeAsFileTime
SystemTimeToFileTime
WritePrivateProfileStringA
GlobalFindAtomA
LocalFileTimeToFileTime
RtlUnwind
GlobalAddAtomA
GetWindowsDirectoryA
FindClose
SetErrorMode
GetCPInfo
InterlockedIncrement
GlobalUnlock
FreeLibrary
FreeEnvironmentStringsW
GetFileSize
GetCurrentProcessId
SetThreadPriority
FlushFileBuffers
RaiseException
LCMapStringW
GetVersionExA
SetEvent
InterlockedDecrement
GetModuleFileNameA
HeapAlloc
IsBadCodePtr
LockResource
FreeEnvironmentStringsA
ReadFile
FindNextFileA
IsBadStringPtrA
CloseHandle
CompareStringW
TlsFree
GlobalFlags
SetCurrentDirectoryA
GetProcAddress
HeapCreate
FileTimeToLocalFileTime
ExitThread
lstrcmpiA
SetHandleCount
GetFileAttributesA
CreateThread
GetSystemTime
UnlockFile
lstrcatA
FindFirstFileA
GetTempFileNameA
HeapFree
SetStdHandle
GlobalGetAtomNameA
MulDiv
SizeofResource
lstrlenA
SetEnvironmentVariableA
VirtualAlloc
InitializeCriticalSection
GetShortPathNameA
ResumeThread
LoadResource
VirtualQuery
GetStringTypeW
GetCurrentThreadId
GlobalFree
GetStringTypeA
FreeResource
FindResourceA
GetModuleHandleA
GetCommandLineA
GetCurrentThread
MultiByteToWideChar
GlobalDeleteAtom
OutputDebugStringA
DuplicateHandle
GetStdHandle
GetEnvironmentStringsW
GetCurrentDirectoryA
TlsSetValue
EnterCriticalSection
SetUnhandledExceptionFilter
LocalAlloc
GetPrivateProfileStringA
lstrcpynA
GetACP
GetProfileStringA
ole32
SetConvertStg
OleRegEnumVerbs
RegisterDragDrop
CoTaskMemAlloc
OleDuplicateData
CoRevokeClassObject
CoTreatAsClass
OleRegGetMiscStatus
CoDisconnectObject
CreateFileMoniker
OleInitialize
CoInitialize
OleGetClipboard
DoDragDrop
StgOpenStorage
OleCreateFromData
OleUninitialize
ReadClassStg
CoFreeUnusedLibraries
OleTranslateAccelerator
OleIsCurrentClipboard
ReadFmtUserTypeStg
OleDestroyMenuDescriptor
CreateGenericComposite
OleLoad
CoGetMalloc
CoRegisterMessageFilter
CreateStreamOnHGlobal
CreateBindCtx
CoGetClassObject
CLSIDFromString
StringFromCLSID
StgOpenStorageOnILockBytes
CLSIDFromProgID
OleSetClipboard
CoLockObjectExternal
WriteFmtUserTypeStg
ReleaseStgMedium
IsAccelerator
OleRun
StringFromGUID2
OleCreateMenuDescriptor
CoTaskMemFree
CoCreateInstance
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleLockRunning
CreateItemMoniker
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
ord204
GetPrinterA
Sections
.text Size: 84KB - Virtual size: 81KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 104KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ