9125d113d8af8fbf1b168178a4cdfb10N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9125d113d8af8fbf1b168178a4cdfb10N.exe
Size

140KB
MD5

9125d113d8af8fbf1b168178a4cdfb10
SHA1

58088b784149506d8f791349a2f04b9f1a6a2b0c
SHA256

d4f2af45a0a7232f879bb13edcdf76f3738b92241896d0d519a4a55e06130c72
SHA512

6b37ba70350cfb2516f8f1cbdaf99101825e8c2b67d587cdc2d0dc51d5d50a2bbd6d57f36fb531973d7a23d01dc6be580cb92086229de63123f21fa329831968
SSDEEP

1536:bsjqarumS7BsoPmZUQd4OxEHFzu9ZxW3Fh4ytexlmw1GoOHR5IB7E0whLY75k9wa:Eqa4IUMxEHFzR1hPePmwmxKrCwvliJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9125d113d8af8fbf1b168178a4cdfb10N.exe

Files

9125d113d8af8fbf1b168178a4cdfb10N.exe
.dll windows:4 windows x86 arch:x86

c349bb60bfa689b5fb3062f723d52200

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

CLIPOBJ_cEnumStart
EngDeletePalette
EngDeleteSurface
EngAssociateSurface
EngCreateDeviceSurface
EngCreatePalette
EngMultiByteToUnicodeN
XFORMOBJ_bApplyXform
EngUnicodeToMultiByteN
FONTOBJ_pxoGetXform
CLIPOBJ_bEnum
FONTOBJ_pvTrueTypeFontFile
PATHOBJ_vGetBounds
FONTOBJ_cGetGlyphs
PATHOBJ_bEnum
PATHOBJ_vEnumStart
XFORMOBJ_iGetXform
STROBJ_bEnum
STROBJ_bEnumPositionsOnly
STROBJ_vEnumStart
XLATEOBJ_cGetPalette
BRUSHOBJ_pvAllocRbrush
BRUSHOBJ_pvGetRbrush
EngEraseSurface
FONTOBJ_pifi

kernel32

CloseHandle
WriteFile
SetFilePointer
CreateFileW
MapViewOfFile
CreateFileMappingW
GetFileSize
UnmapViewOfFile
FlushFileBuffers
DeleteFileW
GlobalFree
GlobalAlloc
GetLastError
TlsSetValue
DisableThreadLibraryCalls
GetTempPathW
WaitForSingleObject
FreeLibrary
GetProcAddress
LoadLibraryW
SetCurrentDirectoryW
GetCurrentDirectoryW
ReadFile
MultiByteToWideChar
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
TlsGetValue
TlsFree
TlsAlloc
InitializeCriticalSection
QueryPerformanceFrequency
lstrcatW
lstrcpyW
CreateEventW
WaitForMultipleObjects
SetEvent
ResetEvent
SetLastError
CopyFileW
GetSystemWindowsDirectoryW
UnlockFileEx
SetEndOfFile
LockFileEx
Sleep
GetSystemDefaultLangID
HeapFree
HeapAlloc
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapReAlloc
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InterlockedExchange
VirtualQuery
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetCPInfo
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
LoadLibraryA
VirtualProtect
GetSystemInfo
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
SetStdHandle

winspool.drv

GetPrinterDataW
GetPrinterDriverW
GetPrinterW
WritePrinter
ClosePrinter
SetPrinterDataW
OpenPrinterW

advapi32

RegEnumValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Exports

Exports

DrvDisableDriver
DrvEnableDriver
DrvQueryDriverInfo

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c349bb60bfa689b5fb3062f723d52200

Headers

File Characteristics

Imports

gdi32

kernel32

winspool.drv

advapi32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 896B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 896B

.reloc
Size: 8KB - Virtual size: 5KB