388ee79d256270e2281f14392c4817d9125b5acb603dc98f7319eabe9d18d94b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

388ee79d256270e2281f14392c4817d9125b5acb603dc98f7319eabe9d18d94b
Size

9.4MB
MD5

1ef078b4373eeca52f7e74ad5deb37af
SHA1

0a3e11735e208d1d2453bc7f0baf85fb6aae2de6
SHA256

388ee79d256270e2281f14392c4817d9125b5acb603dc98f7319eabe9d18d94b
SHA512

eb1bbe74dad3a6015cac22e65650f0514e3e6edfe7138bef1f81d711442e60fcfdb87c50ca0afbb5c50ce155066a1ba74485177dc3f5065f2f1bbd8fdf52c567
SSDEEP

98304:QWdfAaRL3mYlY7HjSxAdxJ2iQMvH+CjbhemLqMdv4l7/iOXfliezJkK7/iHXfli3:zL3mfSGnkBOlempcXftmXf6f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
388ee79d256270e2281f14392c4817d9125b5acb603dc98f7319eabe9d18d94b

Files

388ee79d256270e2281f14392c4817d9125b5acb603dc98f7319eabe9d18d94b
.exe windows:5 windows x86 arch:x86

b3797f7cdade62004d38bfe486cbeb84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

winmm

timeGetTime

d3d9

Direct3DCreate9

winspool.drv

GetPrinterW

comdlg32

PrintDlgW

comctl32

ImageList_Add

shell32

ShellExecuteW

user32

GetDC

version

VerQueryValueW

oleaut32

VariantInit

advapi32

RegEnumKeyW

netapi32

NetWkstaGetInfo

msvcrt

memcmp

shfolder

SHGetFolderPathW

ole32

OleDraw

gdi32

Pie

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.MPRESS1
Size: 1.4MB - Virtual size: 14.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8.0MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE