3af385262dbf85936c32a48694304b7a9bd3990ec62ab3ce25acd35ad726cd3e

General

Target

3af385262dbf85936c32a48694304b7a9bd3990ec62ab3ce25acd35ad726cd3e
Size

132KB
MD5

2b0479a76a2479befcd5179831f81f3d
SHA1

253418aa3735acb2385ae54956130babbc3664bf
SHA256

3af385262dbf85936c32a48694304b7a9bd3990ec62ab3ce25acd35ad726cd3e
SHA512

10a68350852a464b5c46d616afc6d0529e8c1aa795038cccfb10a8fbe314a25689c2f7973fb2e050e6ef6e4cbd8a3c28ceb56277c068538bb5b5863b4a346f19
SSDEEP

3072:eFLbPU1mSDADeak7dJHB/A8MDCkjVi+Slwjsx4z:ehhSsQLH5AhxjClOsx4z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3af385262dbf85936c32a48694304b7a9bd3990ec62ab3ce25acd35ad726cd3e

Files

3af385262dbf85936c32a48694304b7a9bd3990ec62ab3ce25acd35ad726cd3e
.exe windows:4 windows x86 arch:x86

d5fb7b4484e1397c8024492d3fac9603

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
WriteFile
GetPrivateProfileStringA
GetPrivateProfileIntA
GetFullPathNameA
GetFileSize
GetModuleFileNameA
GetTempPathA
GetTempFileNameA
GetVersionExA
DeleteFileA
CreateEventA
SetEvent
MultiByteToWideChar
WideCharToMultiByte
MulDiv
lstrcpyA
lstrlenA
CreateFileA
ReadFile
CloseHandle
GetModuleHandleA
GetStartupInfoA

gdi32

CreateCompatibleDC
CreateDCA
EndPage
EndDoc
GetTextCharset
GetDeviceCaps
CreateFontIndirectA
SelectObject
GetFontLanguageInfo
SetTextAlign
GetCharacterPlacementA
GetTextExtentPoint32A
CreateCompatibleBitmap
GetTextAlign
BeginPath
CreatePen
CreateSolidBrush
GetGlyphOutlineA
MoveToEx
EndPath
FlattenPath
GetPath
PolyBezier
GetTextMetricsA
GetTextFaceA
GetStockObject
StretchDIBits
StartPage
ExtEscape
StartDocA
TextOutA
SetTextColor
SetBkMode
DeleteDC
DeleteObject
LineTo

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetPrinterA

msvcrt

_controlfp
free
malloc
realloc
_ismbslead
calloc
printf
strrchr
strstr
strncpy
vsprintf
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d5fb7b4484e1397c8024492d3fac9603

Headers

File Characteristics

Imports

kernel32

gdi32

winspool.drv

msvcrt

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 764B

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 764B

.rsrc
Size: 108KB - Virtual size: 108KB