a223c7db530e9ed34f3116d9739bf748

General

Target

a223c7db530e9ed34f3116d9739bf748
Size

20KB
MD5

a223c7db530e9ed34f3116d9739bf748
SHA1

ad6f86e66963f8c8dd7947cce3642d5ef49e0a61
SHA256

93814a39261b99f38d93c6723b24f6626968a45d636511f61d2662beb7402334
SHA512

228bab052fc423e1c716a92caf4a7cec3791f0fc5085ebeb94b01e76477608f8d26f401ba47c4b57d69a1559b5ff7c20504f7d9d3525eeb5ae1d15ec9b1e126f
SSDEEP

384:9rtss+/ULFam9Y36niOpULJWrxYWXMFLZiON8qMLJt40gGIoe0RVL:9xpZA536nii8YFaxGq07vgGIoec

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a223c7db530e9ed34f3116d9739bf748

Files

a223c7db530e9ed34f3116d9739bf748
.exe windows:5 windows x86 arch:x86

5d9257d9dbb16eacab4f8d0fc20820d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__set_app_type
_exit
wcscpy
_controlfp
_except_handler3
exit
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_wcsicmp
wcscmp
strncmp
wcslen

kernel32

OpenEventW
MapViewOfFile
LocalAlloc
GetCommandLineW
OpenFileMappingW
LocalFree
CloseHandle
lstrlenW
lstrlenA
ExitProcess
UnmapViewOfFile
GetLastError
WaitForSingleObject

sfmpsdib

PStoDIB

user32

wsprintfW

gdi32

EndPage
DeleteObject
LineTo
CreatePen
CreateDCW
SetAbortProc
StartDocW
GetDeviceCaps
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits
ResetDCW
StartPage
SetMapMode
GetStockObject
GetObjectW
CreateFontIndirectW
GetTextExtentPointW
GetTextMetricsW
TextOutA
SelectObject
MoveToEx
TextOutW
CreateICW
EndDoc
DeleteDC
AbortDoc

winspool.drv

GetJobW
ReadPrinter
OpenPrinterW
ClosePrinter
DocumentPropertiesW
GetPrinterW

advapi32

RegisterEventSourceW
ReportEventW
DeregisterEventSource

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d9257d9dbb16eacab4f8d0fc20820d2

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

sfmpsdib

user32

gdi32

winspool.drv

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 892B

.rsrc Size: 10KB - Virtual size: 29KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 892B

.rsrc
Size: 10KB - Virtual size: 29KB