cb7da1e8562a9d9d17522661ab24ec11

General

Target

cb7da1e8562a9d9d17522661ab24ec11
Size

317KB
MD5

cb7da1e8562a9d9d17522661ab24ec11
SHA1

a0b638c50caabf758d870e9713d5cf7aa8780758
SHA256

682fae48aac83190169321e35e64ed807a8fad85387409bbd19b8bf0e38a08f1
SHA512

09817389f19536e160b8354f6777befa91051318144828d01fc2b25ee617dca07f1735743315421cb03f148b0ed78ada417072668da87a98f27e4e0def35eccb
SSDEEP

6144:IiqrTRCiGng7wlYnJvXV//gp0Ex+tdl6ofaW7rnIQ1ry5chCAhcqEPsKc+QR2:IiGTRCHkxJgvClXIQIOh1hcqUjS2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb7da1e8562a9d9d17522661ab24ec11

Files

cb7da1e8562a9d9d17522661ab24ec11
.dll windows:4 windows x86 arch:x86

92dc953d46d1269f1eba7b12a99e9026

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VarFormatDateTime

winspool.drv

ClosePrinter

rpcrt4

I_RpcFree
I_RpcSsDontSerializeContext
NdrNonConformantStringMemorySize
NdrSimpleStructUnmarshall

shell32

DuplicateIcon
SHFormatDrive
SHGetSettings
WOWShellExecute
DragQueryPoint

kernel32

GetPriorityClass
lstrlenA
lstrcmpiA
WaitForMultipleObjectsEx
VirtualProtect
VirtualAlloc
SizeofResource
QueryPerformanceCounter
MulDiv
Module32First
LockResource
LoadResource
LoadLibraryExA
LoadLibraryA
IsProcessorFeaturePresent
CancelDeviceWakeupRequest
ExitProcess
FlushInstructionCache
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GlobalFree
GlobalLock
InterlockedDecrement
InterlockedExchange
IsDBCSLeadByte

Exports

Exports

ConvertMeshSubsetToStrips
CreateFontIndirectA
SaveSurfaceToFileInMemory
StartCompressBuffer
VecSaveMemory

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92dc953d46d1269f1eba7b12a99e9026

Headers

File Characteristics

Imports

oleaut32

winspool.drv

rpcrt4

shell32

kernel32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 153KB - Virtual size: 152KB

.data Size: 63KB - Virtual size: 63KB

.rsrc Size: 45KB - Virtual size: 45KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 153KB - Virtual size: 152KB

.data
Size: 63KB - Virtual size: 63KB

.rsrc
Size: 45KB - Virtual size: 45KB

.reloc
Size: 3KB - Virtual size: 2KB