dd37321dc07d028cddd8b42b7a03f94cbee4c4cacfcad352954be806ae3ffe72

Sharing

Copy URL Twitter E-mail

General

Target

dd37321dc07d028cddd8b42b7a03f94cbee4c4cacfcad352954be806ae3ffe72
Size

254KB
MD5

3688468179df50434093d90253ae9284
SHA1

75afb6423d57e15abcdc9f13b4952bcb06a24e38
SHA256

dd37321dc07d028cddd8b42b7a03f94cbee4c4cacfcad352954be806ae3ffe72
SHA512

087dc81540add1993ff1a92153cd07bfaf6900733f834208ddea6bbe515be3f637bd085c11e4ad2c0dede06322ee84a73fd79c80f19e4fe5d596a1a5b012fb36
SSDEEP

6144:CLv+tw3rEmCMuCPClYC/R2tB3hLUGRxgqta6xU2q1LLMy:CLAUIdrCPgb/R2tB3hLxRxgqta6mZll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd37321dc07d028cddd8b42b7a03f94cbee4c4cacfcad352954be806ae3ffe72

Files

dd37321dc07d028cddd8b42b7a03f94cbee4c4cacfcad352954be806ae3ffe72
.dll windows:5 windows x86 arch:x86

909b24222659b6e354b5131852cb2470

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\pro_bak\code\AppendPrint\AppendPrint\Release\AppendPrint.pdb

Imports

kernel32

GetModuleFileNameW
FreeLibrary
CreateFileW
LoadLibraryW
GetCurrentThreadId
GetLocalTime
GetCurrentProcessId
GetCurrentProcess
OutputDebugStringW
CreateDirectoryW
GlobalLock
GlobalFlags
GlobalUnlock
LocalHandle
DeleteFileW
Sleep
DeleteFileA
SetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileStringW
CopyFileW
WritePrivateProfileStringW
LoadLibraryA
GetTickCount
OutputDebugStringA
GetProcAddress
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
GetExitCodeThread
LocalFree
SetFilePointer
ReadFile
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesW
WriteFile
SetFileTime
FileTimeToSystemTime
GetFileInformationByHandle
GetFileSize
UnmapViewOfFile
SetEndOfFile
GetLocaleInfoA
WaitForSingleObject
FindResourceExW
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
GlobalFree
InterlockedExchangeAdd
GlobalAlloc
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
WideCharToMultiByte
LocalAlloc
CloseHandle
CreateFileA
MultiByteToWideChar
TerminateThread
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
VirtualAlloc
RaiseException
InitializeCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetSystemTimeAsFileTime
ExitThread
CreateThread
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetFileAttributesA
MoveFileW
GetCommandLineA
RtlUnwind
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapCreate
VirtualFree
GetModuleHandleA

user32

DispatchMessageW
PeekMessageW
LoadImageW
DefWindowProcW
RegisterClassExW
CreateWindowExW
SendMessageW
wsprintfW
GetDesktopWindow

gdi32

StretchBlt
SetMapMode
SelectObject
CreateCompatibleDC
DeleteDC
EndDoc
EndPage
StartPage
GetDeviceCaps
StartDocW
CreateDCW
DeleteObject

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter
EnumPrintersW
ord203

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW

dbghelp

MiniDumpWriteDump

gdiplus

GdiplusStartup
GdiplusShutdown

Exports

Exports

AppendPrintInit
AppendPrintUnInit

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

909b24222659b6e354b5131852cb2470

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

dbghelp

gdiplus

Exports

Exports

Sections

.text Size: 199KB - Virtual size: 199KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 199KB - Virtual size: 199KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 11KB