a7d614034ce4ee1e0ea4b1aa360f963ccbe1571e00dcd4a385775371bc4fbc26

Sharing

Copy URL

Twitter E-mail

General

Target

a7d614034ce4ee1e0ea4b1aa360f963ccbe1571e00dcd4a385775371bc4fbc26
Size

1.4MB
MD5

1bc1e1954201da6878f6346a96db23a5
SHA1

d6b573c42cfde3e65c3b13bad483a49542b9f334
SHA256

a7d614034ce4ee1e0ea4b1aa360f963ccbe1571e00dcd4a385775371bc4fbc26
SHA512

fe29627c12470176f088c465daa1692e089c1309e4f393243f24b0b9941151a7ba934dddaf52d83cac2006f6fb36d5c53a7298408b6d993a9751e7a6141655cb
SSDEEP

24576:U5v0UtYJN3UAEny0oRwVZlCvQ3cRB7aBq3U9T3Ga2vRwXz9FnEQs4ZuaiMpHJJ8D:oj23d9DRwblCvQ3g7c39jsiX/ECZViE4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
a7d614034ce4ee1e0ea4b1aa360f963ccbe1571e00dcd4a385775371bc4fbc26

Files

a7d614034ce4ee1e0ea4b1aa360f963ccbe1571e00dcd4a385775371bc4fbc26
.exe windows:4 windows x86 arch:x86

ab6e799a72a6b793658bd14e116eec9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\cc_view\new_smartpanel\geeta.sb_view6\SmartPanel_WIN\Source\Component\ScreenPrint\Release\ScreenPrint.pdb

Imports

gdiplus

GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdipBitmapSetResolution
GdipCreateBitmapFromScan0
GdipFree
GdipBitmapUnlockBits
GdipCreateFromHDC2
GdipDrawImageRect
GdipImageRotateFlip
GdipSetPageUnit
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipReleaseDC
GdipGetDC
GdipDeleteGraphics
GdipGetImageGraphicsContext

oleacc

ObjectFromLresult

kernel32

GetSystemTimeAsFileTime
GetStdHandle
WriteFile
LoadLibraryA
GetProcAddress
FreeLibrary
OutputDebugStringW
InitializeCriticalSection
GlobalHandle
GlobalFree
FindResourceW
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameW
lstrlenW
lstrcmpW
MulDiv
GetLastError
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FlushInstructionCache
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
SetLastError
RaiseException
FindResourceExW
lstrcmpiW
MultiByteToWideChar
SizeofResource
LoadLibraryExW
GetModuleHandleW
ExitProcess
GetModuleHandleA
HeapCreate
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
WideCharToMultiByte
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
Sleep
GetCPInfo
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetModuleFileNameA
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
CloseHandle

user32

EndPaint
IsChild
GetFocus
SetFocus
GetDlgItem
GetWindowLongW
GetClassNameW
GetParent
CharNextW
CreateAcceleratorTableW
ClientToScreen
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
InvalidateRect
InvalidateRgn
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetClassInfoExW
GetClientRect
BeginPaint
GetSysColor
UnregisterClassA
DefWindowProcW
DestroyAcceleratorTable
SetWindowLongW
SendMessageW
DestroyWindow
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
LoadCursorW
RegisterClassExW
CreateWindowExW
GetWindow
SetWindowPos
CreateDialogIndirectParamW
CallWindowProcW
GetWindowDC
GetWindowRect
GetForegroundWindow
ReleaseDC
GetDesktopWindow
GetSystemMetrics
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
ShowWindow
SystemParametersInfoW
MapWindowPoints
SendMessageTimeoutW
RegisterWindowMessageW
IsWindow
FindWindowExW
GetDC
FillRect
RedrawWindow

gdi32

StartDocW
StartPage
CreateHalftonePalette
EndDoc
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateDCW
DeleteDC
DeleteObject
GetObjectW
GetStockObject
GetDeviceCaps
EndPage
BitBlt
CreateSolidBrush

winspool.drv

ord203
ClosePrinter
OpenPrinterW

advapi32

RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey

ole32

CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoTaskMemAlloc
StringFromGUID2
OleLockRunning
CoCreateInstance
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc

oleaut32

VarUI4FromStr
SysStringLen
VariantInit
VariantClear
SysAllocString
SysStringByteLen
LoadTypeLi
OleCreateFontIndirect
SysAllocStringLen
SysFreeString
LoadRegTypeLi

comctl32

InitCommonControlsEx

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jsoabva
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 548KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vhbhwpf
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 548KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab6e799a72a6b793658bd14e116eec9b

Headers

File Characteristics

PDB Paths

Imports

gdiplus

oleacc

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 116KB - Virtual size: 116KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 100KB - Virtual size: 100KB

jsoabva Size: - Virtual size: 4KB

.text Size: 548KB - Virtual size: 548KB

vhbhwpf Size: 72KB - Virtual size: 72KB

.text Size: 548KB - Virtual size: 548KB

.text
Size: 116KB - Virtual size: 116KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 100KB - Virtual size: 100KB

jsoabva
Size: - Virtual size: 4KB

.text
Size: 548KB - Virtual size: 548KB

vhbhwpf
Size: 72KB - Virtual size: 72KB

.text
Size: 548KB - Virtual size: 548KB