0255cb588a0bbcc161ff918045851a7711cb77c7782a49756e1477694b348678

Sharing

Copy URL Twitter E-mail

General

Target

0255cb588a0bbcc161ff918045851a7711cb77c7782a49756e1477694b348678
Size

7.9MB
MD5

bd83ad9c0f4f02cc69660fddc62c2213
SHA1

e2a0e99b8a5c4eb1d07d6beb2d2b1b739f893f5f
SHA256

0255cb588a0bbcc161ff918045851a7711cb77c7782a49756e1477694b348678
SHA512

c644c551b6aada522362be41584f73e29700ca30094aa1b9f7acfb1b1a0fe0b80764090b8ef20c93b0082889883c383611ad59466222d6c07b7b948f9fd44f19
SSDEEP

196608:1LPzKiS42dp14qB2rteZUttZoc9yNasMH3sVhwTbg:1q37dp14y2Rbv2rNq8Vhwfg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0255cb588a0bbcc161ff918045851a7711cb77c7782a49756e1477694b348678

Files

0255cb588a0bbcc161ff918045851a7711cb77c7782a49756e1477694b348678
.dll windows:5 windows x86 arch:x86

9dadea2a7bdf28fb10c67ad704d88a7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetClipboardData
CharUpperBuffW

gdi32

SaveDC

winmm

midiStreamRestart

msimg32

GradientFill

winspool.drv

ClosePrinter

advapi32

RegSetValueExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

_TrackMouseEvent

ws2_32

ntohl

comdlg32

GetFileTitleA

Exports

Exports

ServiceMain
init

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qyd0
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qyd1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qyd2
Size: 7.9MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9dadea2a7bdf28fb10c67ad704d88a7d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 1.3MB

.rdata Size: - Virtual size: 176KB

.data Size: - Virtual size: 281KB

.qyd0 Size: - Virtual size: 4.5MB

.qyd1 Size: 4KB - Virtual size: 2KB

.qyd2 Size: 7.9MB - Virtual size: 7.9MB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: - Virtual size: 1.3MB

.rdata
Size: - Virtual size: 176KB

.data
Size: - Virtual size: 281KB

.qyd0
Size: - Virtual size: 4.5MB

.qyd1
Size: 4KB - Virtual size: 2KB

.qyd2
Size: 7.9MB - Virtual size: 7.9MB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 4KB