d589c701b565e2d3a3a2caba872527c7ce0184ec99a94d7ffde6aa9715eadd0d

Sharing

Copy URL Twitter E-mail

General

Target

d589c701b565e2d3a3a2caba872527c7ce0184ec99a94d7ffde6aa9715eadd0d
Size

15.7MB
MD5

31d1faa1291f6d2300713680260cf9a8
SHA1

fc84ac50a51af0c78eb03501398a88eb67a8c030
SHA256

d589c701b565e2d3a3a2caba872527c7ce0184ec99a94d7ffde6aa9715eadd0d
SHA512

00432c251aa1ca127bebabdb06c4a9f409af121d461161557ad67f1219ebf9b57b2a44ae634cd8fae83036257c10b99b68f11d4c8ae61fe93ac615e390872cd5
SSDEEP

196608:hRBlShPNCHTBMygXo7VmLm/9ui696ctXTr+iVm45FfqClgth3gzNA6FzySOuij6M:PBQ3CHuE2llRVm45FSvT3gNLFzRsHae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d589c701b565e2d3a3a2caba872527c7ce0184ec99a94d7ffde6aa9715eadd0d

Files

d589c701b565e2d3a3a2caba872527c7ce0184ec99a94d7ffde6aa9715eadd0d
.exe windows:5 windows x86 arch:x86

404dd5036dd8fb4984cdb216f55ea546

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetVersion
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

DrawFocusRect

gdi32

GetRgnBox

comdlg32

PrintDlgA

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

SHGetFileInfoA

comctl32

ord17

oledlg

ord3

ole32

OleIsCurrentClipboard

olepro32

ord253

oleaut32

VarCyFromStr

ws2_32

send

hid

HidD_GetAttributes

setupapi

SetupDiDestroyDeviceInfoList

winscard

SCardEstablishContext

Sections

.text
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.atp0
Size: - Virtual size: 10.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.atp1
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.atp2
Size: 15.6MB - Virtual size: 15.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

404dd5036dd8fb4984cdb216f55ea546

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

ws2_32

hid

setupapi

winscard

Sections

.text Size: - Virtual size: 1.9MB

.rdata Size: - Virtual size: 128KB

.data Size: - Virtual size: 161KB

.idata Size: - Virtual size: 24KB

.atp0 Size: - Virtual size: 10.0MB

.atp1 Size: 8KB - Virtual size: 4KB

.atp2 Size: 15.6MB - Virtual size: 15.6MB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: - Virtual size: 1.9MB

.rdata
Size: - Virtual size: 128KB

.data
Size: - Virtual size: 161KB

.idata
Size: - Virtual size: 24KB

.atp0
Size: - Virtual size: 10.0MB

.atp1
Size: 8KB - Virtual size: 4KB

.atp2
Size: 15.6MB - Virtual size: 15.6MB

.rsrc
Size: 4KB - Virtual size: 1KB