8ea31e45aca30a207f7a3619d308eb1a30a5f062c57e8ce2bd0c4637526cb44b

Sharing

Copy URL

Twitter E-mail

General

Target

8ea31e45aca30a207f7a3619d308eb1a30a5f062c57e8ce2bd0c4637526cb44b
Size

832KB
MD5

9b1afce65265aa349e168967aab44347
SHA1

489528d676d7b6867ee5b0c346223b1eaeabd99a
SHA256

8ea31e45aca30a207f7a3619d308eb1a30a5f062c57e8ce2bd0c4637526cb44b
SHA512

16dab2c74a7479eca4eb80fa2d4f08c7b3feea29fc258df44fc0b83122994e71e763ee4bc19879cd07c797392f9f8feb5485c7c764d21a8fe61e8bbc87663fe6
SSDEEP

24576:34FApliUbLXWarhRrh1IFoYlZu/16jashMAj08dVXDt:3DZfXWEhdaZlZuN6jXhMibV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ea31e45aca30a207f7a3619d308eb1a30a5f062c57e8ce2bd0c4637526cb44b

Files

8ea31e45aca30a207f7a3619d308eb1a30a5f062c57e8ce2bd0c4637526cb44b
.exe windows:5 windows x86 arch:x86

aba2aa380d0acf4623fcc5d67ee140e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersionExW
GetVersion
LockResource
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

winspool.drv

OpenPrinterW

comctl32

FlatSB_SetScrollInfo

shell32

ShellExecuteW

ole32

CoInitialize

version

GetFileVersionInfoW

user32

EnableScrollBar

oleaut32

VariantInit

netapi32

NetWkstaGetInfo

advapi32

RegDeleteKeyW

gdi32

StretchDIBits

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

AFII_M'"
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Y;YZ-PV9
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

edL'`t_+
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

s'Ef5)jL
Size: - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

i?(0Rf\R
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1Hs #`9m
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

o`23C_kU
Size: - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

u1''mG@p
Size: - Virtual size: 72B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

<=I7Yc/6
Size: - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

S;Tr\K2m
Size: - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/ I `o#6
Size: 824KB - Virtual size: 824KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t?.IcYo^
Size: 7KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aba2aa380d0acf4623fcc5d67ee140e7

Headers

File Characteristics

Imports

kernel32

winspool.drv

comctl32

shell32

ole32

version

user32

oleaut32

netapi32

advapi32

gdi32

Exports

Exports

Sections

AFII_M'" Size: - Virtual size: 2.0MB

Y;YZ-PV9 Size: - Virtual size: 7KB

edL'`t_+ Size: - Virtual size: 25KB

s'Ef5)jL Size: - Virtual size: 24KB

i?(0Rf\R Size: - Virtual size: 12KB

1Hs #`9m Size: - Virtual size: 2KB

o`23C_kU Size: - Virtual size: 151B

u1''mG@p Size: - Virtual size: 72B

<=I7Yc/6 Size: - Virtual size: 93B

S;Tr\K2m Size: - Virtual size: 90KB

/ I `o#6 Size: 824KB - Virtual size: 824KB

t?.IcYo^ Size: 7KB - Virtual size: 42KB

AFII_M'"
Size: - Virtual size: 2.0MB

Y;YZ-PV9
Size: - Virtual size: 7KB

edL'`t_+
Size: - Virtual size: 25KB

s'Ef5)jL
Size: - Virtual size: 24KB

i?(0Rf\R
Size: - Virtual size: 12KB

1Hs #`9m
Size: - Virtual size: 2KB

o`23C_kU
Size: - Virtual size: 151B

u1''mG@p
Size: - Virtual size: 72B

<=I7Yc/6
Size: - Virtual size: 93B

S;Tr\K2m
Size: - Virtual size: 90KB

/ I `o#6
Size: 824KB - Virtual size: 824KB

t?.IcYo^
Size: 7KB - Virtual size: 42KB